Daniel  Gasparro,  chief  technologist  at  consulting  firm  Booz  Allen  Hamilton,  on: 

•  Switching  from  frame  relay  to  MPLS.  •  VoIP  reservations.  •  Keeping  an  eye  on  carriers. 


The  leader  in  network  knowledge  ■www.nwfusion.com  November  22,  2004  ■  Volume  21,  Number47 


Cool  Yule  Tools 

With  the  start  of  the  awards  season 
soon  upon  us.  Network  World  joins  the 
Grammys,  the  Tonys  and  the  Academy 
Awards  with  the  Globey  —  a  prestigious 
honor  for  the  coolest  gifts  for  the 
holidays.  The  Cool  Yule  Tools  gift  guide 
has  something  for  everyone  on  your  list 
(including  yourself).  Page  38 


More  Cool  Yule  Tools  online! 

Find  more  than  1 30  other  gift  ideas  at 
www.nwfiision.com,  DocFinder:  4729 
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New  and  hidden  risks 
dog  VPN  deployments 


IP  VPNs  save, 
but  they  can 
carry  ‘gotchas’ 

■  BY  TIM  GREENE 

While  IP  VPNs  are  widely 
accepted  as  an  effective  remote 
access  and  WAN  technology  that 
can  save .jnoney  there  are  hidden 
challenges  users  should  be  aware 
of  to  avoid  costly  problems. 

For  instance,  Concord,  Mass., 
business  consultancy  Mercator 
Partners  is  scrapping  the  Sonic- 
Wall  IPSec  VPN  appliances  it 
deployed  in  home  offices  in 
favor  of  IPSec  client  software  on 
employees’  PCs. 

Although  the  appliances  live  up 
to  their  promise  of  segregating 
business  machines  from  home 
machines  via  separate  ports,  it 
turns  out  the  arrangement  leaves 
open  the  possibility  that  family 
members  still  could  tap  into  the 
corporate  VPN,  says  Seth  Cordes, 
IT  manager  at  the  firm. 

Rather  than  risk  that,  Mercator 
changed  technology  and  now 
just  home  PCs  with  the  software 
can  tap  into  the  VPN. 

Still,  looking  at  the  big  picture, 
there  are  significant  savings  to  be 
gleaned  from  VPNs,  particularly 
site-to-site  VPNs  that  replace  tra¬ 
ditional  WAN  links.  “On  average, 
customers  are  paying  anywhere 
between  $450  and  $1,200  a 
month  per  site  on  dedicated  cir¬ 
cuits,”  says  John  Pouliot,  a  princi¬ 
pal  with  WAN  Strategies,  an  inte¬ 
grator  and  VPN  service  provider 
in  Manchester,  N.H. 

With  an  Internet-based  VPN, 
See  VPNs,  page  53 


Google  search  cache  spawns  SSL  fear. 

■  BY  TIM  GREENE 

It’s  proving  tougher  than  anticipated  to  protect  SSL  VPNs  from  the 
voracious  caching  machine  housed  inside  Google  Desktop  Search. 

The  search  tool,  which  is  in  beta,  still  manages  to  store  and  leave  in 
the  open  certain  SSL  VPN  data  despite  the  best  efforts  of  tools  to  curb 
the  search  engine’s  activity 

Customers  are  concerned  that  SSL  VPN  data  might  be  cached  and 
indexed  by  Google  Desktop  Search  on  a  machine  that  is  out  of  cor¬ 
porate  control,  such  as  an  employee’s  home  PC  or  one  borrowed  by 
an  employee  visiting  a  business  associate,  “it  would  be  a  horrible 
thing  to  think  that  there  was  a  trail  being  left  behind  of  what  went  on 
in  what  we  regarded  as  secure  SSL  VPNs,”  says  Jim  Abshire,  manager 
of  operations  and  systems  development  at  Herr  Foods  in  Nottingham, 

See  Google,  page  12 
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One  man’s  trash  is 


another’s  cheap  PC 


Goodwill  Industries’  high-tech  odyssey, 


■  BY  ELLEN  MESSMER 


People  browsing  through 
the  Goodwill  Industries  thrift 
store  in  Santa  Ana,  Calif.,  aren’t 
rummaging  for  used  clothes  or  toys, 
although  that  and  more  are  sold  in 
spectacular  volume  in  another 
part  of  the  building.  In  this  cor¬ 
ner,  thrifty  computer  shoppers 
are  inspecting  used  computers  at 
bargain  prices:  an  HP  Pavilion  with 
NEC  monitor  for  $99,  a  Toshiba  Equium  7100M  for  $149  and  a 
450M-byte  Dell  for  $49.99.  Others  are  examining  pre-owned 
D-Link  Systems  and  Farallon  network  cards  that  sell  for  $2.99. 

It  was  all  once  someone  else’s  computer  gear  recycled  by 
the  Goodwill  organization  of  Orange  County,  a  nonprofit  that 

See  Goodwill,  page  16 
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WHEN  YOU  STEPPED  AWAY 
FROM  YOUR  DESK,  A  WORM  WAS 
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ELIMINATED  BEFORE  ANYONE 
NOTICED  YOU  WERE  GONE. 
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Cool  Yule  Tools 

Not  sure  what  to  get  the  big  kids  on  your  list?  Not  sure  what  to  put 
on  your  wish  list?  Check  out  our  annual  Holiday  Gift  Guide,  where  we 
give  you  the  lowdown  on  more  than  130  cool  gifts,  from  cell  phones 
and  digital  cameras  to  video  games,  robots,  vending  machines  and 

more.  DocFinder:  4729 

Network  World  Fusion  Radio:  IBM's  World 
Community  Grid 

IBM  is  looking  to  harness  the  power  of  the  millions  of  Internet- 
connected  PCs  around  the  globe  to  work  on  important  research 
projects  (such  as  protein  folding  analysis)  as  part  of  its  new  World 
Community  Grid  initiative.  We  talk  with  Robin  Willner,  IBM’s  director  of 
corporate  community  relations,  about  the  Grid,  how  users  can  get 
involved  and  what  projects  will  be  tackled,  DocFinder:  4734 

Virtual  Showdown:  How  best  to  patch 

We  hosted  six  patch  vendors,  three  analysts  and  your  peers  in  this 
virtual  debate.  See  what  the  vendors  had  to  say  on  patch  testing, 
agent  vs.  agent-less  approach,  building  secure  code  and  more. 

DocFinder:  4735 

RSS  feeds 

Keep  up  with  Network  World  Fusion's  breaking  news,  columnists, 
reviews  and  in-depth  feature  articles  in  a  desktop  aggregator  —  or 
offer  headlines  to  your  Web  site's  visitors.  DocFinder:  4036 
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Telework  Beat 

Telework  for  your  health,  Part  3 

Net.Worker  Managing  Editor  Toni  Kistner  looks  at  studies  that 

show  suburban  sprawl  promoting  premature  aging. 

DocFinder:  4736 

Wireless  Wizards 

WiMAX  as  fiber  replacement 

The  Wizards  answer  a  reader  who  asks:  “Can  we  use  WiMAX 
technology  as  a  backbone  (say  to  replace  fiber  optics)  with  the 
same  efficiency  as  fiber?  We  want  to  connect  equipment 
between  cities.  Can  we  use  WiMAX  and  have  sufficient  band¬ 
width?  DocFinder:  4737 
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Storage  breakthroughs,  Part  1 

Columnist  James  Gaskin  looks  at  SATA  drives  and  how  they 
speed  data  transfer.  DocFinder:  4738 

HomeLAN  Adventure 

Time  to  secure  our  home  networks 

Columnist  Keith  Shaw  examines  a  survey  that  finds  consumers 
frighteningly  ignorant  of  Internet  threats.  DocFinder: 

4739 
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Future  Vision 

Are  you  tasked  with  managing  next-generation  security? 
The  new  data  center?  WANs  and  LANs?  Applications  man¬ 
agement?  IP  telephony?  Wireless?  Your  new  year  begins 
early  at  this  Welcome-to-2005  Tech  Tour  event.  Qualified 
professionals  attend  free. 
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Oracle  cranks  up  patching  machine 

■  Oracle  last  week  said  it  intends  to  begin  issuing  cumulative  soft¬ 
ware  patches  for  Oracle  Database,  E-Business  Suite,  Application 
Server,  Oracle  Enterprise  Manager  and  Collaboration  Suite  on  a 
quarterly  basis  next  year,  beginning  Jan.  18.  Oracle’s  other  three 
scheduled  patch-release  updates  will  be  April  12,  July  12  and  Oct. 
18.  Oracles  chief  security  officer,  Mary  Ann  Davidson,  said  the 
quarterly  software-patch  updates  would  address  any  needed 
security  fixes  and  non-security-related  changes  in  Oracle  prod¬ 
ucts.  The  planned  updates,  which  Oracle  calls  Critical  Patch 
Updates,  are  intended  to  make  it  easier  for  Oracle  customers  to 
handle  the  software  maintenance  process,  which  typically  re¬ 
quires  shutting  down  servers  and  testing  applications  to  ensure 
they  run  correctly  after  a  patch  is  applied.  Oracle  has  selected 
four  days  in  the  year  it  believes  will  let  it  avoid  disrupting  business 
processes  such  as  end-of-quarter  efforts  to  close  the  books  on 
financials.  Oracle  will  make  an  exception  to  the  quarterly  patch 


TheGood  heBatf  fheUgly 

Do  you  believe  in  magic?  Those 

of  you  who  think  Microsoft’s  act  is  largely  a 
combination  of  smoke  and  mirrors  just  might 
be  on  to  something.  Offering  relief  from  managing 
complex,  distributed  systems,  Microsoft  Chief 
Software  Architect  Bill  Gates  last  week  told 
attendees  of  the  IT  Forum  in  Copenhagen 
that  "The  magic  of  software  can  eliminate 
this  complexity.”  Gates  made  his  address 
amid  a  cloud  of  smoke  left  lingering  from 
the  magic  show  that  preceded  him  on 
stage.  > 

Spammer  headed  to 


f 

tla 


Slammer.  Associated  Press  reports 
that  Jeremy  Jaynes  cranked  out  as  many  as 
10  million  unsolicited  e-mails  a  day  via  16  high¬ 
speed  lines,  according  to  information  presented 
at  his  eight-day  trial  earlier  this  month  in 
Virginia.  The  jury  recommended  a  nine-year 
prison  term  in  what  AP  described  as  the 
first  felony  trial  of  a  spam  sender.  Sentencing 
is  set  for  February. 

Avici  gives  CEO  the  boot  It's  not  easy  competing  with  Cisco.  Or 
Juniper  for  that  matter.  Carrier  router  vendor  Avici  Systems  last  week  sacked  its 
CEO  after  a  65%  drop  in  third-quarter  revenue.  Steve  Kaufman,  Avici's  chief  since 
July  2001,  has  been  replaced  on  an  interim  basis  by  board  member  William  Leighton, 
who  retired  recently  from  AT&T,  Avici's  largest  customer. 


process  if  it  has  to  issue  a  high-severity  security  alert  because  of  a 
vulnerability  discovered  in  any  Oracle  product,  particularly  if  an 
exploit  for  it  was  known  to  exist  in  the  wild. 

Microsoft  taps  into  Vintela,  rips  into  Linux 

■  Microsoft  last  week  came  as  close  at  it  might  ever  get  to  supporting  Unix  and  Linux 
when  it  took  a  minority  stake  in  integration  vendor  Vintela.  Vintela  has  been  cranking 
out  software  over  the  past  few  months  to  extend  Windows-based  authentication,  man¬ 
agement  and  monitoring  capabilities  to  Unix,  Linux  and  Macintosh  operating  systems. 
Neither  Microsoft  nor  Vintela  would  reveal  the  size  of  the  investment,  although  sources 
said  it  was  less  than  $10  million.  In  addition  to  the  infusion  of  capital,  the  pair  also 
agreed  to  a  set  of  commercial  agreements  that  will  have  Microsoft  providing  Tier-1  sup¬ 
port  for  corporate  customers.  The  agreements  also  include  licensing  for  a  series  of 
undisclosed  Windows  protocols  that  will  tie  Vintela’s  products  more  tightly  to  Microsoft’s 
infrastructure  software. Speaking  of  Microsoft  and  Linux,  the  software  maker’s  CEO  Steve 
Ballmer  last  week  warned  Asian  governments  that  they  could  face  intellectual  rights- 
infringement  lawsuits  for  using  rival  open  source  operating  platforms  such  as  Linux. 
Ballmer,  speaking  in  Singapore  at  Microsoft’s  Asian  Government  Leaders  Forum,  said 
that  Linux  violated  more  than  228  patents.  He  did  not  provide  any  detail  on  the  alleged 
violations,  which  the  Linux  community  disputes. 


San  Francisco  jumps  on  public  Wi-Fi  bandwagon 

■  San  Francisco  became  the  latest  city  in  the  country  planning  to  build  a  public  wire¬ 
less  infrastructure.  Mayor  Gavin  Newsom  said  last  week:“We  will  not  stop  until  every  San 
Franciscan  has  access  to  free  wireless  Internet  service,”  he  said  in  his  annual  state  of  the 
city  address.“No  San  Franciscan  should  be  without  a  computer  and  a  broadband  con¬ 
nection.”  He  said  the  city  already  had  made  free  Wi-Fi  service  available  at  Union  Square, 
a  central  shopping  and  tourist  hub,  and  would  add  access  to  several  other  sections  of 
the  city  including  Civic  Center  around  City  Hall.  Philadelphia,  San  Jose  and  other  cities 
also  have  started  setting  up  large  areas  of  Wi-Fi  coverage. 

Not  just  Bangalore  anymore 

■  Southern  India’s  Kerala  state  last  week  said  it  plans  to  attract  overseas  companies  by 
building  Smart  City,  a  1,000-acre  site  where  technology  companies  from  around  the 
world  will  be  invited  to  set  up  operations.The  area  will  feature  office  space,  residences, 
schools  and  an  entertainment  complex.lt  will  include  software  developers  and  call  cen¬ 
ters  —  two  of  the  Indian  economy’s  fastest-growing  sectors.  Smart  City  will  be  created 
and  managed  by  Dubai’s  Internet  City,  a  free  trade  zone  backed  by  the  country’s  gov¬ 
ernment.  It  is  being  built  with  an  initial  investment  of  $400  million  from  various 
investors.  Dubai’s  Internet  City  offers  foreign  companies  100%  tax-free  ownership,  no 
currency  restrictions,  easy  registration,  and  licensing  and  protection  of  intellectual 
property  its  Web  site  says.  Indian  states  are  competing  with  one  another  to  court  invest¬ 
ments  from  IT  companies,  trying  to  emulate  the  success  of  the  southern  technology 
hubs  of  Bangalore  and  Hyderabad. 


COMPENDIUM 

What’s  better  than  a  Segway? 

A  Solway  equipped  with  “a  tablet  PC,  a  GPS  system,  a  video  camera  with  night  vision, 
a  ceil  phone  and  mobile  data  network  that  uses  a  combination  of  Wi-Fi  and  cellular 
data  h  -  nsmlssion  to  allow  him  to  stroam  live  video  and  audio  to  the  Internet.”  Read 
ali  about  it  at  www.nwfusion.com,  DocFinder:  4748. 


Cisco  gets  into  Jahi 

■  Cisco  last  week  said  it  was  buying  privately  held  Jahi  Networks  of  San  Jose, a  provider 
of  network  management  appliances  designed  to  simplify  device  deployment,  configu¬ 
ration  and  management.  Under  the  terms  of  the  agreement,  Cisco  will  pay  approxi¬ 
mately  $16  million  in  cash  and  assumed  options.The  acquisition  of  Jahi  is  expected  to 
close  in  the  second  quarter  of  Cisco’s  fiscal  year  2005.  Jahi  was  founded  in  2003  and  has 
20  employees  in  San  Jose  and  Hyderabad,  India. 


Prepare  for  converged  networking.  Download 
“Rethinking  the  Building  Blocks  of  Your  Network," 
our  latest  white  paper  from  The  Tolly  Group,  at 

www.gobroadcom.com/convergence 


■jmii 

wsasi 

’fun 


iSaPMm 

l»WH 


A 

LOOK  WITHIN  — 
YOUR  NETWORK  IS  MORE 
POWERFUL  THAN  YOU  REALIZE 


To  engage  the  immense  power  of  IP  convergence  —  data,  voice,  applications,  networks  —  the  underlying  technology  must  function  securely, 
reliably  and  efficiently.  Only  Broadcom®  offers  end-to-end  networking  chips  with  the  built-in  power  to  manage  convergence  —  from  core 
storage  and  servers,  through  switch  fabrics  to  desktops,  multi-functional  devices  and  beyond.  Broadcom’s  wired  and  wireless  technology 
throughout  the  network  reduces  complexity  and  enhances  the  end-user  experience.  With  Broadcom,  there  is  no  gap  between  legacy  and 
future  technologies  —  only  seamless  communication  at  maximum  speed.  Technology  advances.  Networks  expand.  Control  is  maintained. 


Broadcom.*  the  pulse  logo.  Connecting  everything  *  and  the  Connecting  everything  logo  are  trademarks  of  Broadcom  Corporation  and/or  its  subsidiaries  in  the  United  States  and  certain  other  countries.  All  other  trademarks  are  trie  property  of  their  respective  c 
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Network  executives 
share  their  wisdom 


iooz  Alien  moving  to  MPLS 

Consulting  firm  holds  off  on  VoIP. 

With  15,000  employees  and  revenue  topping  $2. 7  billion,  Booz  Allen  Hamilton  is  one  of  the 
largest  and  most  successful  business  and  IT  consulting  firms  in  the  world.  This  fall,  Booz  Allen  is 
replacing  an  old  frame-relay  network  from  MCI  with  a  Multi-protocol  Label  Switching  infrastruc¬ 
ture  from  AT&T  Daniel  Gasparro,  chief  technologist  at  Booz  Allen,  spoke  recently  with  Network 
World  Senior  Editor  Carolyn  Duffy  Marsan  about  how  to  select  a  viable  carrier  and  why  he's 
bucking  the  trend  toward  Internet  telephony  Here  are  excerpts  from  their  conversation. 


What  is  your  role  with  regard  to  the  company's  global  network 
infrastructure? 

My  group,  which  is  Operations  Services,  has  about  160 
people  worldwide. We  have  nine  service  offerings  that  we 
deliver  to  the  firm:  infrastructure;  end-user  computing; 
security;  telephony;  video;  e-mail;  collaboration;  data  man¬ 
agement;  and  global  business  applications,  including 
human  resources  and  finance.  Our  mission  is  to  support 
these  services  worldwide. 

You  awarded  a  three-year,  $5  million  contract  to  AT&T  this  sum¬ 
mer  for  the  new  MPLS  network.  What  are  you  trying  to  accom¬ 
plish  with  this  upgrade? 

We  want  to  simplify  the  number  of  technologies  that  we 
have  deployed  for  our  data  network.  Before,  we  had  frame 
relay  We  had  point-to-point  connections.  We  had  DSL.  We 
had  VPN  connections.  So  we  had  a  hodgepodge  of  tech¬ 
nologies.  We  are  going  to  standardize  the  majority  of  our 
connections  on  MPLS.  We  are  not  converging  our  net¬ 
works  —  that  is  moving  voice  and  data  over  a  common 
IP  network. We’ve  been  pretty  explicit  that  we  don’t  want 
to  go  to  voice  over  lPWe  are  going  off  of  frame  relay  alto¬ 
gether.  The  reason  is  that  we  can  do  quality  of  service 
with  MPLS  that  we  couldn’t  do  with  frame  relay 

What  carriers  did  you  consider  for  this  upgrade? 

We  looked  at  Equant,  Sprint,  AT&T  and  Verizon.  We  also 
looked  at  having  a  mixed  portfolio. We  looked  at  the  tech¬ 
nology  from  each  carrier  and  the  risk.  By  risk  1  mean,  are 
all  of  these  vendors  going  to  be  around  three  years  from 
now?  Oddly  enough,  once  we  got  down  to  the  short  list, 
there  was  not  a  whole  lot  of  difference  in  terms  of  service 
delivery  They  all  had  points  of  presence  where  we  need¬ 
ed  them. They  all  had  MPLS.  It  came  down  to  the  cus¬ 
tomer  service  experience  and  how  they  had  done  with 
the  quality  of  service  they  have  been  delivering  to  their 
current  client  base.  We  started  asking  questions  about 
their  strategy  which  is  not  something  that  a  lot  of  these 
procurement  processes  go  through.  We  looked  at  how 
their  infrastructure  was  designed,  their  reach  around  the 
world,  who  they  were  in  partnership  with  and  what  was 
the  long-term  viability  of  the  firm.  Ours  was  a  much  more 
comprehensive  process  than  I’ve  seen  other  firms  go 
through. 

Having  done  all  that  analysis,  what  is  your  take  on  the  state  of 
ths  tsiectm  market  right  now? 

I  don’t  think  it’s  ever  going  to  be  settled.  We’re  going  to 
see  some  carriers  surge  forward  because  of  the  wireless 
buildup,  which  has  been  overshadowed  in  the  last  five 


years  because  of  the  carrier  problems.  It’s  refreshing  to 
hear  that  certain  carriers  are  now  offering  quality  of  ser¬ 
vice  for  wireless  services.  All  the  carriers  are  wrestling 
with  how  they  can  serve  business  better. 

What  were  the  top  business  drivers  for  your  network  upgrade 
project  with  AT&T? 

The  No.  1  driver  was  availability  And  not  just  from  a 
technology  perspective  but  from  the  perspective  of  com¬ 
pany  viability  What  you  don’t  want  is  to  find  out  that 
you’re  working  with  somebody  who  is  suddenly  going  to 
be  diverted  because  they  have  financial  problems.  In  the 
not-too-distant  second  place  was  the  question:  Are  they 
able  to  grow  with  us  in  terms  of  adding  new  services 
without  adding  significant  cost?  In  the  old  days,  if  you 
added  two  offices,  you  saw  your  bandwidth  and  your 
costs  jump  by  an  equal  percentage.  In  terms  of  my  total 
operating  budget  and  how  it  grows  as  a  percentage  of 
revenue,  it  has  to  be  very  controlled  growth.  When  you’re 
running  an  overhead  business  you  have  to  be  smart  in 


how  you  apply  those  dollars. 

What  are  the  bottom-line  benefits  that  your  new  MPLS  infra¬ 
structure  will  provide  to  your  consultants  in  the  field? 

Better  network  availability  It  isn’t  so  much  network  out¬ 
age  related  as  it  is  performance-related  availability. The 
networks  seemed  to  clog  up  after  a  while.  So  there  is  bet¬ 
ter  performance  and  redundancy  for  offices  that  are  con¬ 
sidered  hub  locations.  We  didn’t  really  make  any  gains 
financially  because  we  didn’t  have  back-up  capabilities 
before  and  now  we  do.  We  got  more  capability  for  about 
the  same  cost. 

Will  any  particular  applications  perform  better  on  MPLS? 

I  don’t  know  how  much  performance  gains  I’m  getting 
with  MPLS  because  I’m  converting  our  No.  1  application 
over  as  well.  We’re  switching  from  Netscape  to  Microsoft 
[for  Web  and  messaging  applications]  right  now.  I  read, 
and  our  technical  staff  read,  that  MPLS  is  a  more  forgiving 
network  technology  when  you’re  oversubscribed.!  am 
hoping  that  is  the  case.  Right  now  we’re  going  from  the 
old  network  to  the  new  network.  We’re  not  even  taking  a 
breather,  and  we’re  adding  a  whole  new  application  suite. 
And  it  is  our  critical  application  at  that. 

%* 

You're  doing  a  major  network  upgrade.  You're  upgrading  the 
key  office  suite.  What  else  are  you  trying  to  get  done  this 
year? 

We’re  continuing  to  add  a  more  comprehensive  security 
infrastructure  in  terms  of  virus  remediation  and  access 
control  technologies.  We’re  also  focusing  on  end-user 
back-up  capabilities, so  we  can  back  up  users  across  the 
Internet.  We’re  going  to  pure  Web-based  printing  and  file 
sharing.  We’re  also  going  through  a  wireless  rollout  in  key 
office  locations.  In  my  10  years  here,  we’ve  never  done  so 
many  upgrades  all  at  once. 

What's  your  strategy  with  regard  to  wireless  LANs? 

See  Booz  Allen,  page  9 
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Title: 
Organization: 
Responsibilities: 
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infrastructure: 

Staff  size: 
Tenure: 
Previous  job: 

Education: 

First  computer: 
Home  network: 


Last  good  IT  or 
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Chief  technologist 
Booz  Allen  Hamilton 

Runs  the  Global  Operations  Services  Group,  which  is  responsible  for  PCs,  networks  and  appli¬ 
cations;  development  and  management  of  the  firm’s  IT  Governance  Mode;  reports  to  the  CIO. 

12%  of  annual  IT  budget  (which  he  would  not  disclose). 

160  people 
10  years 

President  of  Network  Quality  Assurance,  a  technology  consulting 
firm  that  focused  on  IT  transformation. 

B.S.  in  Research  Design  in  Management 
from  George  Mason  University. 

A  ‘‘luggable’’  Compaq  portable. 

"A  wireless,  54M  bit/sec  network.  We 
have  multiple  systems  connected  to 
it,  and  you  can  roam  around  the  house.” 

Execution:  The  Discipline  of  Getting 
Things  Done  and  IT  Governance: 

How  Top  Performers  Manage  IT 
Decisions  Right  for  Superior 
Results. 
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Microsoft's  mgmt  wares  trickle  out 


Anatomy  of  a  platform 

Microsoft  is  nearly  two  years  into  its  Dynamic  Systems  initiative,  a  10-year  plan  to 
create  a  management  platform  for  Windows.  While  Microsoft  has  a  number  of  products 
under  the  DSI  banner,  experts  say  the  company  has  to  explain  how  it  all  comes  together. 


Available 

Description 

Automated  Deployment  Services 

System  imaging  tool  to  auto-install  operating  system  to 
hardware. 

Windows  System  Resource  Manager 

Tool  to  allocate  processors  and  memory,  shipped  with 
Windows  Server  2003. 

Microsoft  Operations  Manager 
(MOM)  2005 

Ships  with  MOM  Connector  Framework,  which  supports 
third-party  tools  for  integration  with  other  platforms 

Systems  Management  Server  (SMS)  2003 
Service  Pack  1,  plus  new  feature  packs 

New  feature  packs  for  device  management  and  operating 
system  deployment. 

Virtual  Server  2005;  Virtual  Server 
2005  Migration  Toolkit 

Virtualization  platform  plus  tools  to  migrate  operating  system 
and  applications  from  physical  server  to  virtual  server. 

On  deck 

Visual  Studio  2005,  with  Team  System 
and  Whitehorse 

Modeling  tools  introduce  developers  to  the  System  Definition 
Model,  a  way  applications  signal  management  information 
to  the  network.  Scheduled  release:  first  half  of  2005. 

System  Center 

Combination  of  MOM,  SMS,  reporting  tools  and  data 
warehousing.  Scheduled  release:  first  half  of  2005. 

Indy 

Capacity  planning  tool  forVersion  2  of  System  Center. 
Integrates  with  Longhorn  operating  system  and  “Orcas” 
version  ofVisual  Studio.  Scheduled  release  of  all  three: 
2006-2007. 

Windows  Update  Services 

Patch  download  and  deployment  server  for  use  on  corporate 
network.  Scheduled  release:  First  half  of  2005. 

■  BY  JOHN  FONTANA 

Microsoft  last  week  released  a 
handful  of  software  products  that 
are  key  elements  in  its  drive  to 
develop  a  comprehensive  man¬ 
agement  platform  for  Windows, 
but  users  and  experts  say  the 
overall  plan  needs  to  be  clearer. 

The  company  released  Micro¬ 
soft  Operations  Manager  (MOM) 
2005,  a  monitoring  and  perfor¬ 
mance  tool;  Virtual  Server  2005; 
and  the  Virtual  Server  2005 
Migration  Toolkit  (see  graphic). 
Two  feature  packs  for  Systems 
Management  Server  (SMS)  2003 
for  device  management  and  oper¬ 
ating  system  deployment  also 
were  made  available. 

Microsoft  also  released  the  first 
beta  of  Windows  Update  Services, 
a  free  Windows  server  add-on  that 
automates  the  acquisition  and 
deployment  of  patches  for  Win¬ 
dows  and  other  software. 

Next  year,  MOM  2005  and  SMS 
2003  are  expected  to  be  com¬ 
bined  into  a  new  product  called 
System  Center  2005  that  will  add 
data  warehousing  and  reporting 
features. 

The  new  products  are  part  of 
Microsoft’s  Dynamic  Systems 


Initiative,  a  10-year  plan  to  create  a 
platform  to  support  a  self-manag¬ 
ing  Windows  environment  built 
around  hardware,  software  and 
applications  that  can  signal  to  the 
network  their  management 
needs.  Rivals  such  as  IBM,  HP  and 
Sun  are  developing  similar  utility 
computing  platforms. 

When  Microsoft  introduced  DSI 
in  2003,  users  were  happy  with  the 
management  emphasis  but  saw  it 
more  as  a  vision  and  wondered 
how  Microsoft  would  pull  off  the 
complex  plan. 

To  give  DSI  some  meat,  Micro¬ 
soft  pulled  under  the  DSI  banner 
its  core  existing  management  pro¬ 
ducts  —  SMS  and  MOM  —  and 
some  server  tools  for  resource 
allocation  and  operating  system 
deployment. 

“I  keep  watching  DSI  but  until  it 
gets  more  mainstream  . . .  and  it’s 
something  we  know  works,  we 
won’t  mess  with  it,”  says  Arch 
Willingham,  vice  president  of 
Parks  Construction  in  Chatta¬ 
nooga, Tenn.  Willingham  is  a  satis¬ 
fied  SMS  user,  but  says,  “there  is 
nothing  out  there  grabbing  us  and 
saying  we  need  to  do  more.” 

Others  are  more  optimistic. 

“They  definitely  need  to  inte¬ 


grate  all  this  management  func¬ 
tionality’  says  Chris  Sackmann,  a 
systems  developer  for  Rackspace 


Managed  Hosting,  a  hosting  pro¬ 
vider  with  4,000  Windows  and 
4,000  Unix/Linux  servers.  “They 
need  to  do  it  because  it  gives  you 
better  oversight  into  what  your  en¬ 
terprise  is  doing  and  deeper 
insight  into  what  each  compo¬ 
nent  within  your  enterprise  is 
doing  for  your  architecture.” 

Sackmann  says  Rackspace  is 
adopting  management  compo¬ 
nents,  including  SMS  2003,  MOM 
2005  and  a  beta  of  the  System 
Center  reporting  features.  “From 
our  perspective,  the  DSI  direction 
makes  total  sense.” 

Still,  Microsoft  has  major  chores 
ahead, some  analysts  say. 

“Microsoft  is  taking  on  big  tasks," 
says  Richard  Ptak,  an  analyst  with 
Ptak,  Noel  &  Associates.  “For  years 
they  have  made  billions  on  soft¬ 
ware  with  functionality  that  was 
good  enough.  Now  they  are  realiz¬ 
ing  that  ‘good  enough’  has  ratch¬ 
eted  up.  They  have  to  offer  intelli¬ 
gently  managed  software.”  He  says 
Microsoft  appears  committed  to 
management,  but  “DSI  hasn’t  been 
communicated  effectively  to  the 
market.” 

Last  week,  Microsoft  potentially 
fueled  that  skepticism  by  unveil¬ 
ing  its  latest  DSI  concepts  —  mod¬ 
eling,  knowledge  and  life  cycle  — 
which  it  calls  “the  three  pillars  of 
DSI.”  Microsoft  provided  no  details 
on  what  knowledge  and  life  cycle 
entail  but  said  modeling  would 


provide  health,  configuration  and 
task  information  on  each  man¬ 
aged  network  node. 

“Health  is  how  an  application 
behaves  across  its  life  cycle,  con¬ 
figuration  is  how  an  application  is 
set  up,  and  task  is  how  an  applica¬ 
tion  behaves  and  what  it  does,” 
says  David  Hamilton,  director  of 
the  Windows  and  enterprise  man¬ 
agement  division  at  Microsoft. 

In  the  first  half  of  next  year, 
Microsoft  plans  to  support  the 
modeling  concept  with  the  re¬ 
lease  of  Visual  Studio  2005,  which 
will  introduce  developers  to  a 
core  component  of  DSI  called  the 
System  Definition  Model  (SDM). 
SDM  is  defined  by  XML-based 
documents  that  are  embedded 
into  applications  to  communicate 
management  and  operational 
needs  to  the  network. 

Hamilton  says  Microsoft  pro¬ 
vides  health  models  using  MOM 
but  won’t  start  into  configuration 
and  task  models  until  the  release 
ofVisual  Studio  2005  and  a  capac¬ 
ity-planning  tool  called  Indy, 
which  will  ship  with  the  second 
version  of  System  Center  some¬ 
time  around  the  release  of 
Longhorn. The  Longhorn  client  is 
slated  for  2006,  while  the  server  is 
scheduled  for  2007. 

Mostly  what  Microsoft  offers 
users  now  are  products  that  have 
been  retrofitted  to  the  DSI  model 
with  promises  of  upgrades.  R 


Booz  Allen 

continued  from  page  8 

We’ve  put  in  place  a  multi-pronged  approach. 

One  is  defining  a  policy  of  where  you  can  and 
can’t  put  wireless  within  the  firm. Two  is  that  we  put 
in  a  series  of  physical  firewalls  to  prevent  users 
from  getting  IP  addresses  to  connect  into  the  wire¬ 
less  networks.The  Cranite  system,  which  is  what 
we’re  using,  is  one  of  the  most  comprehensive  wire 
less  firewalls  out  there.  Now  we’re  putting  wireless 
in  eligible  facilities.  Because  of  the  work  that  we  do 
with  our  government  clients, some  of  the  facilities 
are  not  eligible. We  even  have  a  certificate  of  opera¬ 
tions  that  certifies  when  was  the  last  time  we  did 
external  penetration  testing  and  what  the  results 
were.The  next  thing  is  to  roll  out  the  software  client 
with  the  keys  on  the  desktops.This  rollout  is  hap¬ 
pening  this  fall,  along  with  the  other  pieces.  What 
we’re  doing  is  taking  the  desktops  and  laptops,  and 
we’re  re-imaging  all  of  them.There’s  a  whole  new 
suite  of  technology  being  rolled  out  with  that.  One 
of  the  things  we’re  rolling  out  is  Access  Connec¬ 
tions,  which  we  had  a  big  influence  in  designing  at 
IBM.  It  is  a  tool  that  will  let  you  build  as  many  pro¬ 
files  as  you  want  for  accessing  the  network. 

Once  your  MPLS  network  is  in  place,  what  do  you  see  as 
your  biggest  ongoing  concern  about  your  network  infra¬ 
structure? 

The  only  thing  that  does  concern  me  is  the  ability 
of  the  carrier  to  support  this  network  to  my  satisfac¬ 
tion.  Nothing  that  I  see  in  AT&T  leads  me  to  make 
that  statement.  My  experience  in  this  industry  is 


that  when  we  went  from  private  to  frame  and  from 
frame  to  MPLS,  there’s  a  learning  curve  for  the  carri¬ 
er.  MPLS  isn’t  new  to  the  point  where  you’re  bleed¬ 
ing  edge,  but  it’s  still  new  enough  where  [AT&T] 
could  make  mistakes.  I  can’t  afford  costly  mistakes 
right  now.  More  importantly  I  cannot  afford  exten¬ 
sive  outages.  So  my  biggest  concern  is  [AT&T’s] 
knowledge  and  comfort  level  in  supporting  MPLS. 

What  was  the  biggest  mistake  you  made  during  the  net¬ 
work  upgrade? 

We  had  more  problems  with  the  teleconferencing 
than  we  did  with  the  data  systems.The  one  thing 
that  you  don’t  want  to  screw  up  —  which  is  per¬ 
ceived  to  be  a  no-brainer  —  is  the  voice  services. 
We  switched  our  teleconferencing  services  from 
Genesis  to  AT&T.That  involved  extensive  end-user 
retraining.That’s  an  area  where  we  didn’t  think  we 
were  going  to  slip  on  the  banana  peel  and  we  did. 

You  mentioned  earlier  that  you  don't  plan  to  migrate  to 
VoIP.  Why  not? 

The  one  service  I  cannot  afford  to  monkey  with 
and  have  go  out  on  me  is  the  phone. There  is  no 
evidence  that  I  have  seen  that  says  [VoIP]  is  more 
reliable  than  dial  tone.  We  have  just  implemented 
an  enterprise  resilience  capability  here  in  the 
firm. We  have  a  [disaster-recovery  site], and  we 
are  fully  redundant  in  all  these  locations. The  one 
service  I’ve  got  to  have  is  voice.  In  terms  of  the 
cost  trade-offs,  there  are  performance  gains  on 
the  network  side  with  VoIP  I’ve  seen  the  statistics. 
But  no  one  has  convinced  me  that  my  labor  costs 
will  get  cheaper.  ■ 


The  server  platform  of  choice 

just  got  better. 


Introducing  the  Inter  Xeon”  processor  with 
support  for  32-  and  64-bit  applications. 

It  means  the  most  widely  used  server  platform 
in  the  world  can  now  work  even  harder. 

And  new  platform  technologies  enable  increased  power  savings, 

flexibility  and  performance.  For  more 

information — and  more  choice— visit  intel.com/business. 


Support  for 
32-  and  64-bit 
applications 


Improved 

power-saving 

options 


Flexible  memory, 
I/O  and  storage 
configurations 


©2004  Intel  Corporation.  Intel.  Intel  Inside,  the  Intel  Inside  logo,  and  Intel  Xeon  are  trademarks  or  registered  trademarks  of  Intel  Corporation  or  Its  subsidiaries  in  the  United  States  and  other  countries.  All  rights  reserved 
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ai ns  offset  by  escalating  fraud 


Fraud  fears 

Half  of  respondents  to  CyberSource’s  survey  say  online 
fraud  will  become  a  more  serious  business  issue  in  2005. 
Here  are  the  most  popular  reasons  why. 


■  Fraudsters  are  more  sophisticated  and  have  improved  their  methods. 

■  A  higher  incidence  of  identity  theft  is  increasing  online  fraud. 

■  Fraud  losses  are  rising  as  companies  grow  online  sales. 

■  Automated  tools  are  not  as  sophisticated  as  they  need  to  be. 

■  Manual  efforts  to  review  orders  for  fraud  are  not  able  to  keep  up  or  are  too  costly. 

The  average  dollar  value  of  fraudulent  orders  is  growing  faster  than  non-fraudulent  orders. 


m  BY  ANN  BEDNARZ 

Just  in  time  for  the  start  of  the  holiday  shopping  season, 
two  vendors  released  research  last  week  detailing  a  rise  in 
e-commerce  fraud.  CyberSource  published  the  results  of 
its  sixth  annua!  e-commerce  fraud  survey,  while  VeriSign 
came  out  with  its  fourth  Internet  Security  Intelligence 
Briefing,  which  details  Internet  usage  trends  as  well  as 
threat,  vulnerability  and  fraud  patterns. 

According  to  CyberSource  s  tally  businesses  will  lose  $2.6 
billion  to  online  fraud  in  2004  —  a  37%  increase  over  2003, 
when  fraud  losses  totaled  $1.9  billion. 

Retailers  have  had  some  success  limiting  fraud  loss,  but 
they’re  spending  more  time  and  money  doing  so,  says 
CyberSource, which  specializes  in  electronic  payment  and 
risk  management  services  for  retailers. 

This  year  fraudulent  orders  account  for  1.8%  of  online 
sales,  which  is  statistically  level  with  last  years  1.7%, 
CyberSource  says.The  $700  million  swing  in  fraud  losses  is 
offset,  in  part,  by  corresponding  growth  in  e-commerce  rev¬ 
enue:  The  348  merchants  surveyed  expect  their  e-com¬ 
merce  revenue  to  increase  by  39%  in  2005. 

VeriSign,  too,  logged  a  healthy  climb  in  e-commerce 
sales.  According  to  its  report,  which  covers  July 
through  September  of  this  year,  e-commerce  dollar  vol¬ 
ume  has  increased  more  than  25%  since  the  third  quar¬ 
ter  of  2003. 

Fraud  schemes  increasing 

However,  fraud  schemes  are  growing  even  faster,  and  the 
level  of  sophistication  and  potential  damage  from  Internet 
attacks  continues  to  climb, VeriSign  says.  In  particular,  new 
hybrid  attacks,  such  as  those  that  exploit  a  system  vulnera¬ 
bility  to  launch  an  identity  theft,  are  being  initiated  by 
more  sophisticated  hackers  looking  for  financial  gain. 


One  e-commerce  executive  finds  the  diversi¬ 
ty  of  attacks  to  be  one  of  the  biggest  challenges 
in  the  fight  against  fraud.  “Every  time  we  feel 
like  we  have  our  bases  covered,  the  fraudsters 
find  a  new  way  to  get  through,”  says  the  man¬ 
ager  of  Internet  operations  at  a  $2  billion  spe¬ 
cialty  retailer  who  asked  not  be  named. 

Online  commerce  is  a  relatively  immature 
business, and  it’s  still  going  through  growing 
pains,  she  says.  Determining  best  practices 
for  fighting  fraud  is  a  work  in  progress. “Key 
to  this  industry  is  to  set  those  good  prac¬ 
tices  and  standards,  and  get  everyone  to 
adhere  to  them.” 

To  try  to  stay  ahead  of  the  criminals,  online 
business  and  merchants  are  using  more  tools 
than  ever.  CyberSource  found  the  median 
number  of  automated  tools  in  use  today  is  five, 
and  40%  of  merchants  use  six  or  more. 

According  to  its  survey,  82%  of  merchants  use 
address  verification  services,  56%  use  card  ver¬ 
ification  number  checking,  and  53%  use  inter¬ 
nally  built  fraud  screens. 

Meanwhile,  international  e-commerce  or¬ 
ders  continue  to  spell  more  trouble  for 
retailers  than  domestic  orders.  Merchants 
that  accept  orders  from  outside  North 
America  reject  more  than  13%  on  suspicion 
of  fraud,  CyberSource  says.  Among  those 
accepted,  3.8%  turn  out  to  be  fraudulent  — 
which  is  nearly  three  times  higher  than  the 
overall  rate. 

VeriSign’s  report  identifies  countries  with  the  highest 
rates  of  originating  fraudulent  transactions.  When  fraud 
is  measured  as  a  percentage  of  legitimate  sales,  the 


Former  Yugoslav  Republic  of  Macedonia  tops  the  rank¬ 
ing,  with  100%  of  transactions  originating  within  its  bor¬ 
ders  deemed  risky  transactions,  followed  by  Nigeria 
(87%)  and  Ghana  (86%).  ■ 


Playing  Defense 

Google  Desktop  Search 
software  stores  online 
work  done  in  SSL  VPN 
sessions,  which  creates 
a  security  threat.  But 
there  are  measures  VPN 
users  can  take  to 
prevent  problems. 


Ban  use  of  Google 
Desktop  Search. 


•  Tell  users  to  shut  off 
Google  Desktop  Search 
before  initiating  SSL 
VPN  sessions. 

•  Use  host-checking  tools 
to  shut  off  Google 
Desktop  Search. These 
tools  can  detect  if 
Google  Desktop  Search 
is  running  and  block  or 
limit  access  of  these 
machines. 


•  Use  virtual  desktop 
|  technology  —  but  verify 
,  it  blocks  the  applications 
that  can  be  accessed 
i  overthe  SSLVPN. 


Google 

continued  from  page  1 

Pa.,  which  uses  Netilla  SSL  VPN 
gear. 

To  address  concerns,  for 
instance,  SSL  VPN  vendors  that 
sell  versions  of  Sygate’s  Virtual 
Desktop  software  touted  it  as  a 
way  to  quarantine  and  encrypt 
SSL  VPN  sessions.  But  they  dis¬ 
covered  during  tests  with 
Network  World  last  week  that 
Google  Desktop  Search  could 
still  grab  the  content  of  Word 
documents  and  cache  it  in  read¬ 
able  form. 

Since  then,  Sygate  says  it  has 
developed  a  fix  for  the  bug  that  it 
plans  to  distribute  tomorrow.  It 
also  has  sought  the  help  of  Goo¬ 
gle  to  create  a  foolproof  way  for 
SSL  VPN  sessions  to  vanish  from 
hard  drives  without  a  trace.  Goo¬ 
gle  says  it  is  considering  the 
request. 

Sygate  says  solving  the  problem 
is  important.This  is  our  No.  1  pri¬ 
ority.  We’re  not  working  on  any¬ 
thing  else,”  says  Gargi  Mitra,  a 
senior  product  manager. 

Versions  of  Sygate’s  Virtual 
Desktop  are  sold  by  SSLVPN  ven¬ 


dors  Array  Networks,  Aventail, 
Juniper  and  Netilla,  which  togeth¬ 
er  accounted  for  more  than  67% 
of  all  SSLVPN  gateways  sold  last 
year,  according  to  In-Stat  MDR. 

While  it  seems  Sygate  has 
shored  up  its  defenses  against 
Google’s  relentless  caching,  other 
similar  search  software  might  yet 
prove  troublesome  to  Virtual 
Desktop,  according  to  Joel 
Snyder,  senior  partner  of  Opus 
One  and  a  member  of  Network 
World's  Lab  alliance.The  problem 
is  that  these  search  engines  can 
hook  directly  into  applications  to 
cache  their  activity.  If  the  Virtual 
Desktop  doesn’t  recognize  these 
hooks,  the  search  tools  can  avoid 
Virtual  Desktop  encryption.  “The 
next  application  to  come  along 
that  hooks  Internet  Explorer  or 
Word  or  whatever  will  have  the 
same  issue,”  he  says. 

Other  desktop  search  tools  are 
made  by  Blinkx,  Copernic  Tech¬ 
nologies,  ISYS  Search  Software 
and  XI  Technologies.  Yahoo  and 
Microsoft  are  working  on  their 
own  versions. 

While  not  specifically  designed 
to  block  Google  Desktop  Search, 
vendors  put  forth  Virtual  Desktop 


as  a  way  to  deal  with  what  was 
being  described  in  published 
reports  as  a  hole  the  search  tool 
was  making  in  SSLVPN  security 

Google  Desktop  Search  peri¬ 
odically  indexes  and  caches 
files  and  processes  on  PCs  with 
the  goal  of  letting  users  quickly 
search  for  files  based  on  key 
words.  It  can  find  just  about  any¬ 
thing  that  has  ever  been  done 
on  the  computer  after  the 
search  tool  has  been  installed 
—  even  after  files  have  been 
deleted. 

On  the  flip  side,  SSL  VPN  soft¬ 
ware  attempts  to  secure  Internet 
sessions  between  PCs  and  corpo¬ 
rate  networks.  One  virtue  of  SSL 
VPNs  is  that  any  machine  with  a 
browser  can  create  a  VPN  ses¬ 
sion,  but  the  drawback  is  that 
these  machines  might  be  unse¬ 
cure  home  PCs,  borrowed 
machines  at  a  partner  business  or 
a  machine  in  an  Internet  kiosk. 
Someone  not  authorized  to 
access  corporate  data  might  use 
the  machines  later. 

To  prevent  content  of  SSL  VPN 
sessions  from  being  stored  on 
these  unsecure  machines,  SSL 
VPN  vendors  have  created  cache 


cleaners  that  purge  the  files 
accessed  during  the  sessions. 
Google  Desktop  Search  gets 
around  these  cleaners  by  making 
its  own  cache  that  the  cleaners 
don’t  wipe  out. 

SSLVPN  vendors  say  they  could 
wipe  out  the  entire  Google 
cache,  but  that  would  mean 
Google  Desktop  Search  would 
then  have  to  re-index  and  re¬ 
cache  the  hard  drive  —  a  lengthy 
process  that  might  irk  users. 

Virtual  Desktop  behaves  differ¬ 
ently,  creating  what  Sygate  de¬ 
scribes  as  an  encrypted  vault  in 
which  applications  run  and  that 
wipes  out  records  of  activity  dur¬ 
ing  virtual  sessions. 

To  deal  with  the  problem,  SSL 
vendor  Whale  Communications 
is  writing  additions  to  its  host¬ 
checking  software  that  scans 
remote  machines  before  they  are 
allowed  to  set  up  a  VPN.  If  they 
fail  security  policies,  which  could 
require  updated  anti-virus  soft¬ 
ware,  for  example,  the  SSL  VPN 
gateway  can  block  or  limit  access 
to  SSL  VPN  resources.  Other  ven¬ 
dors  say  their  host-checking  soft¬ 
ware  can  be  manually  config¬ 
ured  to  do  the  same.  ■ 


10000 


Where  visibility  and  intelligence  overpower  fear  and  doubt 


PROACTIVE 

INTELLIGENCE 


VeriSign  Managed  Security  Services 


A  Root  MX  Record  Activity 

REPORT  FOR.  0f/l8  -  19/2004 


Ifvl.K. 


:4u00 


iOuOO 


6000  - 


o*m  od/ie  os/is  os/ie  os/i» 


Vul 


Stat 


sti 


ra 


TOTAL  NETWORK 
VISIBILITY 


REAL-TIME 

CORRELATION 


4m,, 


WO  ST  RECENT 

l 

Backdoors 


Default  community  names 
of  tfie  SNMP  Agent 

Usit\g  NetBIOS 
fron't  a  wind'jfljl^H 


IIS  5.0  PKM 
Misc.  v 
CGI  abuses 
RDS/MOAC 


CM  SAD 


formation 


Top  Vulnerabilities 


%  OF  TOTAL 

21.2 


12,9 


10.3 

6.2 

3.0 

2.8 

2.5 


. ■  ■  s- . :§ sf; v.^> 

•*;  (!%•'>. fer ; 


REPORT  EAST  SCAN:  0S/0J/2004 


?F0 


220- 


!“C 


140 


;00 


E  • 


l-NFO 


HIGH 


Vulnerability  Scan  Statistics 

REPORT  LAST  SCAN:  0S/01/2004 


VeriSigm  Managed  Security  Services  lets  you  take  a  proactive  stance  on  security.  How?  By  continually 
monitoring  and  correlating  data  across  firewall,  IPS,  IDS,  VPN,  and  endpoint  systems.  By  integrating  and 
leveraging  these  unique  insights  with  continuous  vulnerability  assessments  and  the  advanced  data  that 
comes  from  handling  billions  of  global  email,  DNS,  and  e-commerce  interactions  every  day.  And  by  processing 
over  250-million  daily  security  events  across  some  of  the  world’s  most  sensitive  networks.  VeriSign  also 
offers  an  award-winning  team  of  hundreds  of  security  experts,  ready  to  monitor  and  protect  your  network 
24/7.  For  more  on  how  our  Managed  Security  Services  can  provide  you  with  a  comprehensive  view  of  your 
network’s  health  and  security,  visit  www.verisign.com/dm/mss.  VeriSign.  Where  it  all  comes  together.™ 
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Anti-spam 
vendors 
target  the 
out-box 

■  BY  CARA  GARRETSON 

A  pair  of  anti-spam  vendors 
are  tweaking  their  products  to 
help  customers  keep  a  closer 
eye  on  mail  emanating  from 
their  networks,  not  just  trying  to 
enter  them. 

Proofpoint’s  Content  Security 
Suite  comprises  three  modules 
designed  to  help  a  company 
keep  confidential  information 
inside  its  network  and  ensure 
outgoing  messages  comply  with 
federal  regulations.  Separately 
IronPort  is  enhancing  its  reputa¬ 
tion  filters  to  prevent  spam  from 
ever  leaving  a  network. 

“These  e-mail  hygiene  vendors 
are  looking  for  ways  to  differenti¬ 
ate  themselves,”  says  Matt  Cain, 
senior  vice  president  with  Meta 
Group.  “Certainly  companies 
want  to  stop  salacious  spam  from 
getting  out,  and  intellectual  prop¬ 
erty  from  leaving  a  corporation 
via  e-mail.Then  there’s  the  notion 
of  regulatory  compliance  . . .  large 
organizations  have  to  take  a  fairly 
close  look  at  their  outbound  fil¬ 
tering  needs.” 

“That’s  what  we’re  looking  at,  as 
part  of  our  data  security  [strate¬ 
gy]  ,  to  try  and  get  some  content 
security’  says  John  Congiu,  man¬ 
ager  of  enterprise  messaging  for 
Pitney  Bowes  in  Stamford,  Conn. 
The  company  has  used  Proof- 
point’s  e-mail  security  software 
and  appliance  for  a  few  months, 
and  plans  to  add  the  new  Con¬ 
tent  Security  Suite  next  year.  With 
17,000  messaging  users,  Congiu 
says  he  believes  some  are  inten¬ 
tionally  or  unintentionally  send¬ 
ing  e-mails  out  of  the  organiza¬ 
tion  that  include  confidential 
information. 

See  E-mail,  page  53 
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Messaging  is  often  the  Achilles'  heel  of 
network  security.  Fight  viruses,  worms 
and  spam  in  ways  that  build  an  aggressive 
defense.  Attend  a  free  Tech  Tour  event. 
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Outgoing  IETF  chair  reflects,  looks  ahead 


Cisco  Fellow  Harald  Alvestrand  is  step¬ 
ping  down  in  March  as  chair  of  the 
Internet  Engineering  Task  Force,  the 
Internet’s  premier  standards-setting 
body.  Alvestrand  led  the  IETF  for  four 
years  as  the  all-volunteer  group  of  net¬ 
work  engineers  reeled  from  over¬ 
whelming  workloads  that  stretched 
from  the  height  of  the  Internet  bubble  through  the  corpo¬ 
rate  bankruptcies,  unemployment  and  slashed  travel  bud¬ 
gets  at  the  depths  of  the  dot<om  bust.  Network  World 
Senior  Editor  Carolyn  Duffy  Marsan  spoke  with  Alvestrand 
about  his  tenure  at  the  IETF  and  his  plans  for  the  future. 


What  progress  has  the  IETF  made  in  improving  the  timeliness  of  its 
standards  development  work? 

We’ve  cut  down  on  the  number  of  [documents]  stuck  for 
dumb  reasons.The  RFC  Editor  has  a  backlog  of  several  months. 
They’ve  suggested  hiring  a  new  person  to  cut  down  the  queue. 
That  will  probably  happen  next  year.  We’re  experimenting  with 
changing  the  way  objections  are  handled  at  the  document- 
approval  level.  We’re  giving  the  working-group  chairs  more 
responsibility  here.  We  also  have  shut  down  1 1  working  groups 
since  August  primarily  because  their  work  was  done. 

What  will  be  the  legacy  of  your  four-year  stint  as  IETF  chair? 

If  the  restructuring  [of  our  administrative  processes  via  coop¬ 
eration  with  the  Internet  Society]  is  successful,  that  will  be  my 
legacy  What  I  hope  is  that  my  successor  will  be  remembered  as 
being  the  chair  when  the  IETF  ran  more  effectively  and  had  a 
greater  impact  on  the  world. 

What  are  the  most  important  protocols  developed  at  the  IETF  during 
your  tenure? 

SIP  and  iSCSI  because  they  both  created  emerging  markets. 
[Editor’s  note:  The  Session  Initiation  Protocol  supports  real-time 
communications  and  is  the  foundation  on  which  the  IETF  is  cre¬ 
ating  voice,  video  and  instant-messaging  applications.  ISCSI 
enables  universal  access  to  storage  devices  and  storage-area  net¬ 
works  over  standard  Ethernet-based  TCP/IP  networks.] 

I  notice  you  didn't  mention  IPv6,  the  long-anticipated  upgrade  to  IPv4. 

IPv6  was  a  done  deal  before  1  came  onboard.  It’s  not  some¬ 
thing  that  1  consider  to  have  influenced.  But  I  do  enjoy  seeing  it 
moving  from  an  experiment  to  being  a  common  checkbox  for 
network  products.  It  does  have  further  to  go. 

In  several  high-profile  areas  -  most  notably  instant  messaging  and 
spam  -  the  network  industry  turned  to  the  IETF  for  a  technical  solu¬ 
tion,  and  the  IETF  failed  to  deliver. 

The  IETF  has  gotten  its  act  together  recently  on  an  instant 
messaging  and  presence  protocol. We  already  had  made 
progress  on  [a  SIP-based  approach] .  And  it  seems  that  the  hype 
level  has  gone  down  on  instant  messaging.  Everyone  at  the  IETF 
meetings  uses  Jabber.  But  you  can’t  talk  between  Jabber  and 
MSN  because  MSN  sees  value  in  keeping  a  closed  network. 
Instant  messaging  is  just  like  IPv6.  Just 
because  we  have  specifications  doesn’t 
mean  the  market  will  adopt  them. 

What  about  spam?  Many  people  in  the  network 
industry  hoped  the  IETF  would  come  up  with  a 
technical  solution  to  this  problem. 

I  was  at  the  Federal  Trade  Commission 


hearing  on  spam  [this  month], and  the  conclusion  was  that 
there  is  no  silver  bullet.Technology  is  one  component,  but  we 
have  to  try  multiple  approaches.  Spam  is  different  than  all  but 
our  security  protocols  in  that  you’re  not  facing  random  chance, 
you’re  facing  an  intelligent  attack.The  question  is  how  will 
spammers  change  their  behavior  when  a  technical  solution  is 
released. Technical  solutions  have  been  oversold. We  have  many 
[protocol]  drafts  that  have  come  in  related  to  spam.  We  closed 
[one  spam-related  working  group]  because  we  couldn’t  get 
consensus,  but  we  will  open  others  if  we  see  enough  interest. 

What  will  you  do  when  you  step  down  as  IETF  chair? 

I  will  still  be  a  Cisco  fellow, so  I’m  sure  I’ll  find  something  inter¬ 
esting  to  do.  I  move  back  to  Norway  on  July  4.  I’m  glad  I  came 
here  to  California  for  a  year,  but  I’m  glad  to  go  back. 

With  all  its  problems,  is  the  IETF  still  significant? 

Yes.  It’s  relevant  because  it  makes  the  standards  that  people 
use.That  this  many  people  still  come  to  our  meetings  [1,300 
attended  this  month]  shows  that  they’re  getting  benefit  out  of  it. 
The  Internet  revolution  is  over,  and  we  have  gone  from  the 
Internet  being  new  and  exciting  to  it  just  being  part  of  the  infra¬ 
structure.  The  technical  work  required  for  making  the  Internet 
work  is  still  being  done  here. 

What  is  the  status  of  the  lETFs  multi-year  effort  to  restructure  its 
administrative  processes? 

We  had  a  couple  of  specific  proposals,  and  we  had  a  commu¬ 
nity  discussion  about  them  in  September.  We  received  strong 
feedback  that  we  should  ask  the  Internet  Society  to  organize  an 
activity  to  be  the  contracts  manager  for  the  IETF  Then  they 
would  sign  contracts  for  the  IETF  for  administrative  functions. 
We  need  to  be  one  step  removed  from  awarding  contracts 
because  the  IETF  has  not  declared  itself  a  legal  entity  [On  Nov 
10], I  officially  declared  consensus  on  one  plan. We  [soon] 
should  have  a  transition  team  in  place  that  will  oversee  the 
process  and  hire  a  person  to  be  our  administrative  director.  By 
March,  when  I  step  down,  I’m  hoping  this  process  will  be  done. 

Can  the  IETF  fund  and  run  its  thrice-yeariy  meetings  in  the  interim? 

Yes.  CNRI  will  continue  to  support  the  IETF  until  the  IETF 
decides  what  it  wants  to  do.  [Editor's  note:  The  Corporation  for 
National  Research  Initiatives  is  a  nonprofit  organization  run  by 
Internet  pioneer  Robert  Kahn.]  Right  now,  we  have  no  contract 
with  CNRI,  just  a  gentleman’s  agreement  going  back  many  years. 
All  our  meeting  fees  go  to  CNRI,  which  contracts  out  with 
Foretec  Seminars  [a  for-profit  event  planning  company].  We  get 
about  $2  million  a  year  in  meeting  fees  that  we  use  to  run  the 
RFC  Editor  and  other  functions.  We  want  to  put  that  under  a 
common  control  model  and  make  the  relationships  ordinary 
That  new  process  should  be  normalized  by  mid-2005.Then  how 
we  do  contracts  —  whether  there  is  rebidding  or  not  —  will  be 
ordinary  business  practice. 

Several  high-profile  people  resigned  from  the  IETF  leadership  during 
your  tenure,  saying  the  workload  was  too  great.  Is  the  IETF  having 
more  success  at  attracting  volunteers  for  leadership  positions? 

We  are  hoping  the  new  administration  structure  will  help. 
Part  of  my  workload  has  been  dealing  with  the  IETF  secre¬ 
tariat.  By  moving  those  functions  away 
More  Online!  ^rom  t*ie  ^TF  chair,  I’m  hoping  that  my 
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much  administrative  work.  As  far  as  the 
nominating  committee’s  process  is  con- 
the  IETF  has  changed  in  cernec]  people  are  willing  to  take  on  the 
the  past  four  years.  job.  They  don’t  seem  to  have  trouble 
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The  highly  dependable  HP  BladeSystem  features  Intel®  Xeon™  Processors.  Now  its  possible  to  react  to  changing  business  conditions 
in  real  time— in  seconds.  Application  deployment  and  reprovisioning  become  an  automated  process.  From  single  console  remote 
management  to  up  to  19%  power  savings2— the  HP  BladeSystem  is  designed  to  save  you  time,  money  and,  quite  possibly,  your  sanity. 
Which,  of  course,  could  be  the  most  compelling  reason  of  all  to  learn  more. 
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HP  ProLiant  BL30p  Blade  Server 

•  2  Intel®  Xeon™  Processors  DP  up  to  3.20GHz/2MB' 

•  23%  savings  on  acquisition  cost 

•  High  density:  Up  to  96  servers  per  rack 

*  Up  to  19%  less  power  consumption 

•  HP  Systems  Insight  Manager™:  Web-based 

•  Up  to  93%  fewer  cables 

networked  managment  through  a  single  console 

•  Hot-swappable  server  design 

•  Flexible/Open:  Integrates  with  existing  infrastructure 

•  Rapid  Deployment  Pack:  For  ease  of  deployment 
and  ongoing  provisioning  and  reprovisioning 

•  Single  interface  for  integrated  remote  management 
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to  Change:  BladeSystem  Moves  into  the  Mainstream 


CLICK 

hp.com/go/Bladesmag5 

CALL 

1-800-282-6672 

option  5,  mention  code  AUFK 

VISIT 

your  local  reseller 
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Trapeze 
swings  into 
virtualized 
WLANs 

■  BY  JOHN  COX 

Trapeze  Networks  this  week  is 
scheduled  to  release  software  it 
says  can  be  used  to  divvy  up  a 
wireless  LAN  into  64  logical  net¬ 
works  that  cater  to  different 
groups  of  users  and  applications. 

The  new  virtualization  software 
for  Trapezes  WLAN  switch  sup¬ 
ports  assignment  of  authentica¬ 
tion,  access,  encryption  and 
other  security  policies  to  differ¬ 
ent  groups  even  though  they 
share  the  same  physical  infra¬ 
structure  of  WLAN  access  points. 

With  the  software,  logical  wire¬ 
less  networks  also  can  be  linked 
to  64  virtual  wire-based  LANs. 

Rival  vendors  including  Cisco 
and  Symbol  Technologies  have 
offered  the  same  basic  capability 
But  none  of  them  currently  let 
customers  layer  so  many  logical 
networks  onto  the  access  points, 
says  Bruce  van  Nice,  vice  presi¬ 
dent  of  marketing  for  Trapeze. 

Trapeze  had  offered  a  version  of 
the  technology  that  allowed  for 
just  two  logical  networks  for  each 
access  point.  The  company’s  re¬ 
vamped  switch  software,  Mobility 
System  3.0,  increases  this  to  32 
per  radio,  with  each  thin  access 
point  having  two  radios. 

Logical  networks  are  created  by 
giving  each  access  point  multiple 
Basic  Service  Set  Identifiers 
(BSS1D), which  are  essentially  the 
media  access  control  addresses 
of  access  points.  Each  BSSID  has 
a  test  string  that  identifies  the  net¬ 
work  to  the  client  devices  and 
identifies  the  access  point’s  capa- 
bilities.Those  capabilities, such  as 
which  authentication  protocol  or 
encryption  scheme  to  use,  can  be 
different  for  each  BSSID. 

Also  new  in  this  release  is  a 
revamped  Web  interface  for 
administering  the  Trapeze  WLAN. 

Trapeze  also  has  introduced  a 
Web  application  that  lets  some¬ 
one  like  a  receptionist  quickly 
create  network  access  accounts 
on  a  separate  virtual  WLAN  for 
visitors,  such  as  customers  or 
contractors.  Such  a  logical  net¬ 
work  lets  them  access  the  Inter¬ 
net,  for  example,  without  putting 
corporate  servers  at  risk. 

The  software  is  available  as  a 
free  upgrade  for  Trapeze  cus¬ 
tomers  and  comes  standard  on 
newly  acquired  switches.  ■ 


Goodwill 

continued  from  page  1 

refurbishes  the  best  of  what  it 
finds  as  staff  weed  through  the 
30  truckloads  of  donated  cloth¬ 
ing,  toys  and  electronics  tum¬ 
bling  in  each  week. 

Although  not  many  Goodwill 
thrift  stores  across  the  country 
sell  used  hardware  and  soft¬ 
ware,  sales  are  growing.  Good¬ 
will  organizations  also  see  a 
future  in  “e-waste,”  the  disposal 
of  computer  parts  in  an  envi¬ 
ronmentally  friendly  way. 

“Computer  salvage  can  be  a 
real  opportunity  says  Randy 
Taylor,  Goodwill’s  facilities  direc¬ 
tor  in  Orange  County,  whose  job 
involves  tending  to  how  the 
cast-off  equipment  gets  pro¬ 
cessed  as  it  comes  into  the 
91,000-square-foot  warehouse. 

First,  only  the  Pentium  II  and 
better  computers  among  the 
hundreds  that  come  in  each 
week  are  kept  for  possible  re¬ 
sale.  Typically  that  means  80%  of 
the  week’s  haul  is  destined  for 
the  dust  bin  of  history.  Goodwill 
sells  them  for  about  $3,000  per 


Goodwill  bar¬ 
gain  hunting 


month  to  a  Los  Angeles  recycler 
that  dismantles  them  for  parts 
and  strips  the  gold  from  their 
circuitry  in  return. 

According  to  Robert  Balder- 
rama,  a  processor  at  Goodwill 
who  plows  through  the  moun¬ 
tains  of  donated  items  coming 
in  off  the  trucks,  the  most  surpris¬ 
ing  computer  he  ever  unearthed 
was  a  1989  vintage  Tandem  sys¬ 
tem  from  K-Mart.“It  was  brand 
new  in  the  box  and  had  never 
been  opened,”  he  says.“But  of 
course,  we  couldn’t  use  it.” 

It’s  not  just  PCs  that  reach 
Goodwill,  but  PBXs,  point-of-sale 
devices,  wireless  access  points 
and  even  CAD/CAM  systems, 
given  away  in  a  modern  soci¬ 
ety’s  rush  toward  something 
newer.  Guillermo  Tudela,  the 
assistant  manager  in  Goodwill’s 
Computer  Works  store  in  Santa 
Ana,  notes  that  the  week  that 
the  Microsoft  wireless  router 


came  to  market,  it  appeared  in 
the  Goodwill  donations,  too. 

“Things  come  in  a  jumble,” says 
Corrine  Allen,  Goodwill’s  senior 
retail  operations  manager,  who 
works  with  Taylor  in  deciding 
what  to  do  with  the  incoming 
high-tech  bric-a-brac.“Sometimes 
a  computer  could  just  be 
dropped  off  at  the  door  at  night.” 

These  orphaned  devices  actu¬ 
ally  can  be  considered  “illegal 
dumping, ’’Taylor  notes. 

Some  computer  parts,  such  as 
cathode-ray  tubes  and  lead  con¬ 
tent,  pose  environmental  con¬ 
cerns.  But  Goodwill  is  looking  at 
expanding  its  activities  in  han¬ 
dling  such  e-waste,  especially 
because  the  state  of  California  is 
keen  on  establishing  a  strict  sys¬ 
tem  of  recycling  that  relies  on 
accredited  e-waste  companies. 

“The  state  has  a  program  in 
which,  if  you  have  been  a  collec¬ 
tor  of  e-waste,  they  will  pay  you  a 
certain  fee  for  that, ’’Taylor  says. 
“We’ve  applied  to  be  an  accred¬ 
ited  e-waste  collector  and  so  has 
the  Los  Angeles  Goodwill.” 

PC  makeover 

Beyond  such  ambitions  con¬ 
cerning  e-waste,  Goodwill  in 
Santa  Ana  —  whose  primary 
mission  is  to  employ  the  dis¬ 
abled  —  has  found  selling  refur¬ 
bished  computers  makes  sense 
economically 

Orange  County’s  two  Goodwill 
Computer  Works  stores  last  year 
topped  $655,000  in  sales,  al¬ 
though  that  is  still  just  a  fraction 
of  the  $24  million  annually 
derived  mostly  from  old  cloth¬ 
ing.  Goodwill  has  hired  staff 
specifically  to  refurbish  comput¬ 
ers  and  sell  them. 

Computer  parts  are  another 
area  of  keen  interest  to  Goodwill. 

“There’s  a  demand  for  com¬ 
puter  parts, ’’Tudela  says.The 
Goodwill  store  has  witnessed 
shoppers  that  drive  great  dis¬ 
tances  to  scout  for  parts  for 
older  computers. 

The  Goodwill  organizations, 
which  were  first  started  in  1902 
and  operate  independently 
across  the  country,  are  starting 
to  share  their  experiences  more 
often  about  e-waste  and  com¬ 
puter  sales, Taylor  says. 

He  notes  that  at  a  recent  forum 
for  several  of  the  regional  Good¬ 
will  organizations  hosted  in 
Austin, Texas,  managers  shared 
ideas  for  expanding  computer 
salvage  and  sales.  Austin  is  said 
to  be  making  more  money  in 
parts  than  selling  entire  com¬ 
puter  systems. 

Goodwill  is  considering  how  it 
might  structure  sales  into  four 


Junk  dealer 

About  80% 
of  the  computers 
donated  to  Goodwill 
can't  be  refurbished,  so 
the  organization  sells 
them  to  a  recycler, 
which  pays  about 
$3,000  per  month. 


areas:  motherboards,  hard 
drives,  power  systems  and  mem¬ 
ory.  In  the  future,  Goodwill  and 
recycling  partners  might  be 
teaching  the  disabled  and  dis¬ 
advantaged  workers  it  hires  to 
dismantle  computers  to  isolate 
needed  parts.“For  older  sys¬ 
tems,  buyers  can’t  find  parts.  It’s 
like  cars, ’’Taylor  says. 

Taking  it  online 

The  Santa  Ana  facility  has  al¬ 
ready  distinguished  itself  in 
another  modernization:  online 
selling. 

Santa  Ana’s  IT  staff  four  years 
ago  set  up  Goodwill’s  first  Web 
e-commerce  site,  www.shop 
goodwill.com,  and  it’s  thriving. 

Now  105  separate  Goodwill 
organizations  around  the  coun¬ 
try  use  the  Web  site  to  list  about 
6,000  items  up  for  bid  each  day, 
including  Barbie  dolls,  motor 
vehicles,  jewelry  home  decor 
and  yes,  computers,  says  Peter 
Lent,  senior  Webmaster  and 
technology  services  manager. 

The  e-commerce  site  has  sur¬ 
passed  the  $20  million  mark  in 
sales  and  has  grown  to  about 
$580,000  per  month. 

“It’s  set  up  similar  to  eBay?’ 

Lent  says.  Each  Goodwill  store  is 
a  separate  seller,  supplying 
Santa  Ana  with  photos  of  the 
goods  and  indicating  where 
winning  bidders  can  pick  up 
their  purchases.  Multiple  T-l 
lines  into  Goodwill  help  allevi¬ 
ate  congestion  or  downtime  at 
the  online  thrift  store. 

Behind  the  counter  in  the 
Computer  Works  building,  a 
store  clerk  is  preparing  to  ring 
up  a  sale  for  a  $5  used  micro¬ 
phone  when  the  buyer  sudden¬ 
ly  has  last-minute  reservations. 

“Suppose  I  get  home  and  it 
doesn’t  work?”  he  anxiously 
inquires. 

“Don’t  worry?’  the  Goodwill 
store  clerk  assures  him. “You  can 
always  bring  it  back.”B 
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Introducing  data  centers  on  deman 

New  architecture  supports  power  densities  of  today...  and  tomorrow 


Now  you  can  quickly  deploy  a 
standard-  or  high-density  site  of  any  size 
with  scalable,  top-tier  availability. 


Part 

Number 

Usable 

IT  Racks 

Average 
kW  per  Rack 

Price 
to  buy 

Price  to  lease 
(36  installments) 

ISXCR1SY16K16P5 

1 

up  to  5kW 

$1 4,999* 

*499 

ISXT240MD6R 

6 

up  to  5kW 

$1 49,999* 

$4,999 

ISXT240MD11R 

11 

up  to  5kW 

$249,999* 

$7,999 

ISXT280MD40R 

40 

up  to  5kW 

$699,999* 

$21 ,999 

ISXT2800MD 1 0OR 

100 

up  to  5kW 

*1 ,649,999* 

*50,999 

High  Density  Configuration  (shown  above) 

ISXT280HD8R 

8 

up  to  lOkW 

$399,999* 

*12,999 

All  multi-rack  configurations  feature: 

/  N+  7  power  and  cooling 

Secure,  self-contained  environment 
Peak  capacity  of  20kW  per  rack 
Enhanced  service  package 
Integrated  management  software 
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High  density  upgrades  start  at  $1 0,999 
On-site  power  generation  options  start  at  $29,999 


Order  your  solution  today.  Call  888-289-APCC  x3279. 
=  '  Don't  see  the  configuration  you  need? 
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Seals  in  hot  air,  prevents  mixing  with  room  air 


■ 


•N.  V  ’  •  >  • 


H  BEST  OF  INTEROP 

o  CRN  CMWMr. 


Chamber  Doors 

Access  to  hot  aisle, 
locks  for  security 


What  is 
data  cente 
on  demand? 


*  Prices  do  not  include  IT  equipment  **  Install  and  delivery  times  may  vary 


lnfraStru/\ure 

DATA  CENTERS  ON  DEMAND 

Highly  available  and  manageable, 
quick-to-install,  scalable  architecture 
that  easily  supports  both  standard- 
and  high-density  applications. 

-  Up  to  20k  W  a  rack  for  any 
blade  server  application 

-  Unlimited  racks 

-  Ships  in  5  days** 

-  Installs  in  7  day** 

-  Optional  on-site 
power  generation 

-  Raised  floor  not  required 

-  Vendor  neutral  guaranteed 
compatibility 
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An  all-in-one 
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NetVanta  1224STR 
The  functionality  of  five 
devices  for  the  price  of  one. 


Dare  to  Compare! 

NetVanta 

1224STR 

Managed,  24-Port 

✓ 

Layer  2  Switch 

IP  Access  Router 

✓ 

Stateful  Inspection  Firewall 

✓ 

DSU/CSU 

✓ 

Gigabit  Ethernet  Uplinks 

✓ 

QoS 

✓ 

VLAN  trunking 

✓ 

Stacking 

✓ 

Command  Line  Interface  (CLI) 

✓ 

Intuitive  Web  GUI 

✓ 

ADTRAN  OS 

✓ 

Optional  Virtual  Private 
Networking 

✓ 

Optional  Dial  Backup 

✓ 

Optional  PBX  Connectivity 

✓ 

Unlimited  Telephone 

Technical  Support 

✓ 

Free  Firmware  Updates 

✓ 

5-Year  Warranty 

✓ 

solution 

— ^  (that  looks 

like  a  switch). 

Introducing  the  NetVanta  1224STR  from  ADTRAN 


Lower  the  cost  of  enterprise  connectivity  with  the  powerful  new 
NetVanta  1224STR.  This  full-function  WAN/LAN  access  platform 
does  the  work  of five  devices  for  the  price  of  one.  Suitable  for  networks 
of  any  size,  the  NetVanta  1224STR  offers  everything  you  need  to  bring 
a  branch  office  or  remote  location  online,  including  managed  Layer  2 
Ethernet  switching,  full-featured  IP  routing,  firewall  protection,  VPN, 
and  WAN  termination — all  in  a  compact  1U  chassis.  It  is  QoS,  VLAN, 
and  Gigabit  Ethernet  capable,  and  offers  affordable  dial  backup  and 
voice  options.  ADTRAN ’s  new  NetVanta  1000  Series  is  backed  by  a 
100%  satisfaction  guarantee,  including  unlimited  technical  support, 
free  firmware  upgrades,  and  a  5-year  warranty. 


free 


Register  to  win  a  free  NetVanta  1224STR  now! 
www.adtran.com/info/winnetvantaT224 


Available  at  a  price  point  well  below  competing 
multi-box  solutions,  the  NetVanta  1224STR 
will  change  the  way  you  connect  remote  locations. 


877.591.3055  Technical  Questions 
877.280.8416  Where  to  Buy 
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The  NetVanta  Series 


.  NetVanta  1000  Series 
Integrated  Switch-Router  Platforms 
Managed  Layer  2  Ethernet  Switches 


NetVanta  2000  Series 
Firewalls/VPN 


NetVanta  3000  Series 
IP  Routers 


The  Network  Access  Company 
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■  VOIP  ■  WIRELESS  LANS 


Mitel  IP  PBX  gets  wireless  support 


■  BY  PHIL  HOCHMUTH 

Mitel  Networks  recently  introduced  a 
beefed-up  version  of  its  flagship  IP  PBX 
product  that  lets  customers  support  more 
IP  phones  and  applications  than  previous 
versions. 

Improvements  in  Version  5.0  of  the  Mitel 
3300  Integrated  Communications  Platform 
(ICP)  are  aimed  at  supporting  more  users 
with  better  applications  and  mobility 
options,  the  vendor  says.The  3300  ICP  now 
supports  65,000  IP  endpoints  on  one  sys¬ 
tem  —  up  from  40,000  on  the  previous 
3300  series.The  vendor  also  has  added  Wi¬ 
Fi  phone  support  for  Spectralink  wireless 
IP  phones,  and  new  applicants  and  man¬ 
agement  capabilities. 

Up  to  700  Spectralink  Wi-Fi  IP  phones  can 
run  on  one  3300  ICPThe  wireless  integra¬ 
tion  lets  Spectralink  handsets  access  all 
features  on  the  3300  ICP  including  messag- 


Mitel’s  3300  ICP  now  scales  to  60,000  IP 
phones,  up  from  40,000  on  previous  versions. 

ing  applications.  A  Spectralink  gateway 
and  Wi-Fi  access  points  are  required  for 
such  a  deployment. 

The  improved  messaging  applications  in 
Version  5.0  include  a  personal  auto  atten¬ 
dant  for  individual  users’ voice  mail  boxes. 
The  feature  lets  end  users  set  up  separate 
call  routing  options  and  recorded  an¬ 
nouncements  for  handling  calls  sent  to 
voice  mail. 

Also  on  tap  are  the  Session  Initiation 


Protocol  (SIP)-based  Mitel  5212  and  5220 
IP  phones.  The  handsets  can  run  SIP  or 
Mitel’s  proprietary  MiNet  protocol,  so  they 
can  work  on  a  Mitel  IPC  or  third-party  SIP- 
based  call  server  or  messaging  server. 

The  new  IP  phones  also  can  be  deployed 
in  remote  offices  that  are  tied  back  to  a 
3300  IPC  by  a  VPN  connection  or  private  IP 
WAN  link.  This  lets  the  phones  operate 
remotely  as  extensions  off  of  a  3300  IPC.  A 
new  line  interface  module  for  the  phones 
lets  them  fail  over  to  a  public  phone  net¬ 
work  connection  in  case  of  a  VPN  or  IP  net¬ 
work  failure. 

While  Mitel  lags  behind  3Com,  Alcatel, 
Avaya,  Cisco,  Nortel  and  Siemens  in  the 
large-enterprise  IP  PBX  market,  it  has  been 
among  the  leaders  in  introducing  new 
technology  such  as  the  option  for  running 
SIP  as  the  native  call-control  protocol  on  its 
IP  PBXs,  including  the  3300  and  SX-200  IPC 
for  small  offices  (200  users).  Mitel  also  has 


partnered  with  HP’s  ProCurve  switching 
business,  and  Foundry  Networks,  for  inte¬ 
grating  its  IP  PBX  gear  with  LAN  switch 
equipment.  Mitel  has  ported  its  softphone 
client  technology  to  HP  iPaq  handheld 
computers  with  wireless  capabilities. 

Mitel  has  carved  a  niche  for  itself  in  the 
hybrid  IP  PBX  market,  where  devices  sup¬ 
port  both  TDM  and  IP  endpoints.  (Some 
Mitel  IP  PBXs  can  support  Mitel  TDM 
phones,  and  some  third-party  TDM  hand¬ 
sets,  such  as  Nortel’s.)  According  to  Info- 
netics,  Mitel  had  16%  of  this  market  in  the 
second  quarter  of  this  year,  behind  market 
leaders  Nortel,  with  29%,  and  Alcatel,  with 
25%  of  the  market  —  estimated  at  $89  mil¬ 
lion  for  the  quarter. 

The  3300  ICP  costs  about  $25,000  for  the 
hardware,  with  per-user  costs  of  about  $300. 
The  new  messaging  application  costs  about 
$70  per  user,  and  the  5220  and  5207  IP 
phones  cost  $310  and  $200,  respectively  ■ 


■  Motorola  last  week  agreed  to  buy 
MeshNetworks,  a  developer  of  tech¬ 
nology  and  products  for  rapidly  de¬ 
ployed,  self-creating  wireless  mobile 
networks.  Motorola  already  licenses 
software  and  distributes  products 
from  the  privately  held  company.  Its 
Motorola  Ventures  investment  arm 
invests  in  the  company.  Financial 
terms  of  the  deal,  which  is  expected 
to  close  by  year-end,  were  not  dis¬ 
closed.  Mesh  networking  has  poten¬ 
tial  applications  ranging  from  corpo¬ 
rations  to  home  entertainment,  for 
delivering  data,  video,  voice  and  loca¬ 
tion  information,  Motorola  said  in  a 
statement. 

■  Intel  and  LG  Electronics  agreed 
last  week  to  work  together  toward 
creating  one  international  standard 
for  wireless  broadband  Internet 
access.  The  agreement  will  see  the 
two  companies  work  on  combining 
the  Intel-backed  WiMAX  standard  and 
the  Korean  WiBro  (Wireless  Broad¬ 
band)  standard.  WiMAX  and  WiBro 
are  based  on  different  versions  of  the 
IEEE  802.16  standard. 


Doing  more  with  less  -  good  or  bad  for  start-ups? 


For  two  days  earlier  this  month,  The 
Wall  Street  Journal  ran  prominent  sto¬ 
ries  about  the  year-old  tech  recovery 
running  out  of  steam.  “Drag  on  high-tech 
recovery:  Companies  do  more  with  less” 
was  the  above-the-fold,  front-page  headline 
on  Nov.  9.  At  first  glance,  this  would  seem  to 
be  bad  news  for  start-ups,  but  is  it  really? 

In  essence,  The  Wall  Street  Journal  notes, 
correctly  I  believe,  that  there  have  been 
fundamental  changes  in  how  IT  executives 
view  the  world  over  the  past  few  years. 
Where  in  the  past  they  might  simply  throw 
money  at  a  problem,  now  they’ll  put  con¬ 
siderable  effort  into  seeking  alternatives. 
The  Journal  views  the  15%  growth  of  the 
last  year  as  a  brief  “catch-up”  spurt,  noting 
that  it  slowed  to  9%  in  the  third  quarter. 

A  day  later  in  The  Journal, “Cisco  adds  to 
high-tech  worries”  (on  page  3  )  noted  Cisco 
CEO  John  Chambers’  “tepid  outlook  for 
coming  months, ’’quoting  him  assaying“the 
company  continues  to  face  challenges, 


from  the  hesitancy  of  corporations  to  buy 
technology  gear  to  a  rising  wave  of  low- 
cost  Asian  competitors.” 

It’s  interesting  to  see  Cisco  on  the  record 
about  the  Asian  competitors.  While  “visibly 
Asian”-branded  products  from  companies 
such  as  Huawei  are  now  in  the  market¬ 
place,  many  of  the  “American”  LAN 
switches  that  we’ve  bought  for  the  past  few 
years  have  been  designed  and  manufac¬ 
tured  in  places  such  as  Taiwan. 

It  previously  had  seemed  that  Cisco  was 
immune  to  that  competition.  Just  recently  1 
had  a  conversation  with  an  executive  at  a 
well-known  company  that  had  gone  head- 
to-head  with  Cisco  in  the  low-end  switch 
arena  two  years  back  using  Taiwanese 
technology  Although  the  company  offered 
dramatically  better  price/performance,  it 
made  few  inroads  —  or  at  least  not  the 
kind  of  progress  it  had  calculated  it  would 
make.  It  was  its  experience,  then,  that  cus¬ 
tomers  still  willingly  would  overpay  for 
products  that  were  near-commodity  items. 

So  if  The  Journal  has  it  pegged  correctly, 
the  “It’s  only  money”  days  are  over  —  even 
for  Cisco.  Not  only  will  this  make  the  afore¬ 
mentioned  executive  smile,  but  I  think  this 
is  good  news  for  start-ups. 

When  there  was  plenty  of  money  to  be 
thrown  around,  start-ups  did  get  some  of  it 
but  it  would  be  my  guess  that  incumbents 
got  most  of  it. 


Now  it’s  becoming  in  vogue  to  find  inno¬ 
vative  —  and  cost-effective  —  solutions  to 
problems.  This  certainly  plays  to  the 
strengths  of  most  start-ups.  Of  course, 
where  a  few  years  ago  it  might  be  sufficient 
to  illustrate  how  “cool”  one’s  technology 
was,  today  that  needs  to  be  married  to  ROI 
calculations. 

Cisco’s  acknowledgement  of  erosion  by 
Asian-origin  products  is  important,  too. 
Who  knows  what  the  field  sales  teams 
might  say  to  try  to  sway  customers  to  keep 
Cisco,  but  it  doesn’t  appear  to  be  working. 
Note  that  Chambers  didn’t  tag  these  as 
“inferior” products  —  because  they  are  not. 
And,  that,  of  course  is  the  problem  —  for 
Cisco. 

And,  as  much  as  we  IT  people  like  to 
think  of  ourselves  as  individualists,  we  are 
also  part  of  a  herd.  Now,  with  The  Journal 
printing  “success  stories”  of  companies  that 
have  gone  against  the  grain  and  delivered 
better  technology  for  few  dollars,  more  of 
us  will  be  willing  to  follow  that  path. 

So  start-ups  that  can  “read”  what  is  going 
on  and  adjust  their  message  and  sales 
techniques  to  this  new  reality  might  find  a 
fertile  environment  for  their  innovation. 

Tolly  is  president  of  The  Tolly  Group,  a 
strategic  consulting  and  independent  testing 
company  in  Boca  Raton,  Fla.  He  can  be 
reached  at  ktolly@tolly.com. 
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Adtran  serves  up  newest  low-cost  router 


Access  router 


■  BY  DAVID  NEWMAN,  NETWORK  WORLD  LAB  ALLIANCE 

s  long  as  Cisco  leads  the  router  market,  competitors  will  continue  to  come  up  with 
differentiators.  With  Adtran  s  new  NetVanta  4305  access  router,  the  differentiators  are 
price,  price,  price. 


Depending  on  configuration,  the  Net¬ 
Vanta  4305  —  which  Adtran  began  ship¬ 
ping  in  late  September  and  will  provide 
upgraded  routing  software  at  the  end  of 
this  month  —  can  cost  thousands  of  dol¬ 
lars  less  than  similarly  equipped  Cisco 
models. 

As  our  exclusive  Clear  Choice  tests 
show,  the  NetVanta  4305  is  a  modest  per¬ 
former.  The  beta  routing  software  still  has 
some  rough  spots,  including  scalability 
issues,  but  the  price  advantage  might  off¬ 
set  these,  especially  for  managers  of  small 
or  midsize  enterprise  networks. 

The  1U  systems  we  tested  were  equip¬ 
ped  with  two  fixed-port  Fast  Ethernet 
interfaces  and  an  optional  module  sup¬ 
porting  eight  T-l  (1.544M  bit/sec)  serial 
interfaces.The  NetVanta  4305s  base  price 
includes  support  for  IPv4  routing  proto¬ 
cols  and  a  stateful  firewall.  IPSec  support 
is  optional,  as  is  a  DSX-1  module  for  inter¬ 
connection  with  PBXs. 

The  base  NetVanta  4305  costs  $2,500, 
and  the  system  as  tested  is  priced  at 
$5,000.  In  contrast,  a  comparable  Cisco 
3725  base  model  lists  at  $8,500. 

The  NetVanta’s  command-line  interface 


Net  Results 


NetVanta  4305 


OVERALL  RATING 

IFil 


Company:  Adtran,  www.adtran.com. 

Cost:  NetVanta  4305  as  tested,  $5,000. 
Pros:  Low  cost;  many  features  included 
in  base  price.  Cons:  Beta  software 
wouldn’t  support  eight  T-1  connections 
with  dynamic  routing;  limited  scalability 

for  RIP  routing. 

The  breakdown 

Static  routing  20% 

3.5 

RIP  routing  20% 

2.5 

OSPF  routing  20% 

4.0 

IPSec  support  10% 

4.0  j 

Features  15% 

3.5 

Price  15% 

4.5 

TOTAL  SCORE 

3.6  | 

Scoring  Key:  5:  Exceptional;  4:  Very  good;  3: 
Average;  2:  Below  average;  1:  Consistently 
•X, .  'h' subpar 


strongly  resembles  IOS,  but  lacks  some 
features  of  its  Cisco  counterpart,  such  as 
redirecting  command  output  through  a 
pipe. 

Testing  performance 

We  measured  performance  of  the 
NetVanta  4305  in  seven  ways:  static  rout¬ 
ing;  small-  and  large-table  routing  infor¬ 
mation  protocol  (RIP)  routing;  small-, 
medium-  and  large-table  open  shortest 
path  first  (OSPF)  routing  (see  “How  we 
did  it”  at  www.nwfusion.com,  DocFinder 
4726). We  also  tested  IPSec  tunnel  capac¬ 
ity  (see  “Testing  IPSec,”  DocFinder:  4727). 

The  static  routing  test  was  a  best-case 
scenario;  the  goal  was  to  show  the  maxi¬ 
mum  rate  at  which  the  NetVanta  4305 
boxes  would  forward  traffic  without 
dynamic  routing  enabled.  We  then 
repeated  the  same  test  using  either  RIP  or 
OSPF  and  routing  tables  of  various  sizes. 
We  tested  in  a  back-to-back  configura¬ 
tion,  linking  two  routers  with  up  to  eight 
T-l  interfaces,  and  then  repeated  the  tests 
on  one  router  with  traffic  flowing 
between  two  Fast  Ethernet  interfaces. 

In  the  two-router  tests,  throughput  was 
slightly  lower  than  line  rate  with  medium 
or  large  frames,  regardless  of  the  pres¬ 
ence  or  absence  of  dynamic  routing  (see 
graphic, right). Tests  with  256-byte  frames 
are  the  most  noteworthy  because  that 
size  is  close  to  the  average  frame  length 
on  many  enterprise  networks. 

These  tests  uncovered  two  anomalies. 
First,  Adtrans  beta  software  supported 
only  seven  T-ls  in  the  multilink  PPP  link, 
when  dynamic  routing  was  enabled. 

Second,  throughput  with  RIP  routing 
didn’t  scale  as  high  as  OSPF  especially 
when  we  threw  short  frames  at  the  Net¬ 
Vanta  pair.  Short-frame  throughput 
with  a  240-route  table  (the  largest  we 
attempted)  was  noticeably  lower  than 
with  a  smaller  64-route  table. 

Even  with  RIP’s  15-hop  limit,  our  “maxi¬ 
mum”  test  case  represented  a  relatively 
small  network.  Route  redistribution  and 
multiple  paths  easily  can  swell  table  size 
well  beyond  the  maximum  levels  we 
used  with  the  NetVanta  4305.  With  OSPF 
throughput  for  both  small  and  large 
frames  degraded  as  table  size  grew. 

Degraded  throughput  with  RIP  also  was 
pronounced  when  we  offered  traffic 
between  two  Fast  Ethernet  interfaces  on 
one  router,  where  frame  rates  are  much 


Backbone  throughput  results 

Adtran’s  NetVanta  4305  moved  packets  faster  with  static  routes 
than  it  did  with  dynamic  routing  protocols.  Tests  using  a  pair  of 
routers  linked  by  a  multilink  PPP  backbone  uncovered  two  issues: 
First,  the  beta  software  Adtran  supplied  would  support  only  seven 
T-1  circuits  when  OSPF  or  RIP  was  enabled.  Second,  RIP  throughput 
with  short  frames  took  a  big  hit  as  table  size  grew. 

Aggregate  throughput  (frames  per  second) 
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■  Perfect  device,  eight  T-1  lines 
Perfect  device,  seven  T-1  lines 

■  Static  routing 

■  RIP,  64  routes 
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higher  (see  Figure  2,  DocFinder:  4728). 
However,  tests  with  short  frames  place  the 
greatest  strain  on  the  device  being  tested, 
and  no  production  network  carries  traffic 
made  up  exclusively  of  64-byte  frames. 

Then  again,  even  an  entry-level  $400  PC 
can  saturate  a  100M  bit/sec  circuit.  Given 
the  relatively  low  cost  of  processing 
power,  control-plane  routing  events 
should  have  little  if  any  effect  on  data- 
plane  packet  forwarding.  Moreover,  the 
choice  of  routing  protocol  should  not 
have  a  marked  effect  on  throughput. 

Adtran  officials  say  the  company  is 
working  to  optimize  the  routing  code  in 
the  final  release  of  this  new  code  at  the 
end  of  this  month. 

Another  key  metric  —  latency  — 
improved  in  most  cases  when  we 
enabled  OSPF  or  RIPFor  example,  in  two- 
router  tests  with  static  routing,  we  mea¬ 
sured  average  latency  of  2.017  millisec 
when  forwarding  64-byte  frames.  But  with 
RIP  routing  and  240  routes,  average  la¬ 
tency  actually  fell  to  1.352  millisec. 

In  general,  latency  tests  of  a  single 
router  moving  packets  between  Ethernet 
interfaces  showed  very  constant  results: 
about  0.460  millisec  for  256-byte  frames 


for  most  test  cases.  However,  when  we 
used  OSPF  and  a  5,000-entry  routing 
table,  latency  shot  up  nearly  threefold  to 
1.439  millisec.  Latency  in  the  low  milli¬ 
seconds  is  unlikely  to  affect  performance 
of  any  application  by  itself,  but  latency  is 
cumulative.  In  a  network  made  up  of 
many  NetVanta  routers,  latency  might 
grow  with  routing  table  size. 

The  NetVanta  4305  doesn’t  match  Cisco 
3700  series  routers  when  it  comes  to  fea¬ 
tures  or  robustness  of  its  routing  code,  but 
then  again  it  doesn’t  cost  nearly  as  much. 
While  the  routing  code  we  tested  had  a 
few  unresolved  issues,  the  NetVanta  4305 
might  be  a  cost-effective  alternative  in 
small  to  midsize  networks. 

Newman  is  president  of  Network  Test,  an 
independent  benchmarking  consultancy 
in  Westlake  Village,  Calif..  He  can  be 
reached  at  dnewman@networktest.com. 
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■  Advanced  Micro  Devices  plans  to 

build  security  and  virtualization  fea¬ 
tures  into  its  server  processors  by 
2006,  the  company  said  during  its 
annual  analyst  event  this  month.  Two 
initiatives,  called  Pacifica  and 
Presidio,  are  underway  at  the  chip 
maker,  said  Fred  Weber,  AMD's  CTO. 
Pacifica  is  a  virtualization  technology, 
while  Presidio  involves  security  fea¬ 
tures,  but  further  details  were  not 
disclosed.  Rival  Intel  has  discussed 
its  Vanderpool  virtualization  technolo¬ 
gy  at  recent  conferences,  but  like 
AMD,  has  not  provided  specific 
details.  Intel  also  plans  to  release 
chips  with  hardware-based  security 
features  around  2006. 

■  Microsoft  is  stepping  up  its 
efforts  to  win  Novell  NetWare 

users  over  to  its  Windows  Server 
2003  operating  system  by  offering 
migration  products  and  support. 
Microsoft’s  push  comes  at  a  time 
when  Novell  is  increasingly  shifting 
its  attention  to  Linux.  Those  who 
make  the  change  can  get  a  $600 
credit  for  services  by  Microsoft  part¬ 
ners  for  each  Win  2003  license  with 
50  client  access  licenses  purchased 
in  a  migration,  Microsoft  said. 
Microsoft  also  will  offer  training  pro¬ 
grams  and  a  free  tool  called  Services 
For  NetWare  to  help  users  migrate 
from  Novell  to  Windows.  Microsoft 
has  teamed  with  Quest  Software  to 
offer  a  20%  discount  on  software 
designed  to  help  customers  with 
more  than  1,000  seats  move  to 
Windows. 

n  Hoping  to  harness  a  few  million  of 
the  PCs  not  already  running  the 
SETI@home  screen  saver,  IBM  and 
United  Devices  last  week  launched 
a  World  Community  Grid  project 
designed  to  act  as  a  clearinghouse 
for  humanitarian  computing  efforts. 
Users  who  would  like  to  see  their 
computers  work  for  the  betterment 
of  humanity  every  time  they  grab  a 
coffee  can  download  a  1.5M-byte 
software  package  that  will  turn  their 
desktop  PC  into  a  number  crunching 
node  on  a  worldwide  grid. 


Dell  delivers  denser  blade  servers 

PowerEdge  1855  systems  exploit  Intel  Xeon  microprocessors. 


■  BY  ROBERT  MCMILLAN 

Two  years  after  launching  its  first  blade 
server,  Dell  last  week  announced  a  follow¬ 
up  product:  the  PowerEdge  1855,  a  system 
based  on  Intel’s  Xeon  microprocessor. 

Up  to  10  of  the  dual-processor  blades  will 
slide  into  a  new  7U  chassis  from  Dell  that 
has  been  designed  to  accommodate  10G 
bit/sec  Ethernet  and  the  power  require¬ 
ments  of  Intel’s  next  generation  of  Xeon 
processors,  which  are  expected  to  emerge 
in  2005. 

The  dense  blade  design,  which  lets  sys¬ 
tems  share  common  network,  power  and 
cooling  components,  will  let  users  squeeze 
as  many  as  62%  more  servers  into  their 
data  center  racks,  when  compared  with 
Dell’s  rack-mounted  1U  PowerEdge  1850 
server,  the  company  says. 

Although  his  company  has  not  yet  pur¬ 
chased  Dell’s  new  servers,  Darrin  Hyrup, 
director  of  operations  with  Mythic  Enter- 


■  BY  JOHN  FONTANA 

Dell  and  Microsoft  last  week  announced 
a  strategic  partnership  under  which  they 
plan  to  integrate  their  hardware  and  soft¬ 
ware  management  tools. 

The  first  fruits  of  their  labor  will  arrive  in 
January,  when  the  companies  said  they 
plan  to  ship  a  free  add-on  to  Microsoft’s 
System  Management  Server  2003  called 
SMS  2003  Inventory  Tool  for  Dell  Updates. 
The  tool,  which  will  be  available  on 
Microsoft’s  Web  site,  will  combine  the 
inventory  and  updating  capabilities  of 
Dell’s  OpenManage  4  systems  manage¬ 
ment  software  with  SMS  2003.The  software 
distribution  features  of  SMS  2003  will  be 
enhanced  to  push  out  updates  to  Dell 
hardware. 

Currently,  joint  customers  must  use  the 
separate  Dell  and  Microsoft  management 
products  to  complete  inventory  and 
update  tasks. 

Last  November,  Dell  introduced  Dell 
Update  Packages  with  SMS,  a  manual  tool 
that  was  somewhat  of  a  proof-of-concept 
for  the  SMS  add-on.  The  new  tool  is  fully 


Up  to  10  Dell  PowerEdge  1855  server  blades 
fit  into  the  vendor's  new  7U  chassis. 


tainment  in  Fairfax,  Va.,  says  the  1855 
appears  to  be  powerful  enough  to  be  a 
viable  alternative  to  rack  systems.  With 
almost  all  the  space  in  its  data  center 
being  used,  the  company  is  looking  to 
blades  as  a  way  to  enhance  performance. 
“This  will  allow  us  to  expand  our  services 
without  having  to  buy  a  lot  more  real 


automated  in  providing  one  view  of  Micro¬ 
soft  software  and  Dell  PowerEdge  servers 
on  the  network  and  what  needs  to  be 
updated  with  patches  or  functionality 
upgrades. 

The  SMS  add-on  automates  downloads  of 
BIOS,  firmware  and  drivers  from  Dell’s  Web 
site  and  updates  from  Microsoft’s  patching 
and  other  update  sites. 

“This  release  is  meant  to  hit  the  No.  1  pain 
point  today  which  is  managing  the  updates 
to  your  existing  systems,”  says  Eric  Berg, 
group  product  manager  for  Windows 
Server. 

Berg  says  the  relationship  with  Dell  is  not 
exclusive,  although  Dell  and  Microsoft 
have  a  long-range  plan  to  simplify  man¬ 
agement  across  their  platforms.This  would 
include  the  use  of  two  standards  specifica¬ 
tions  they  are  committed  to  today:  the 
Systems  Management  Architecture  for 
Server  Hardware  specification  from  the 
Distributed  Management  Task  Force  and 
WS-Management,  a  Web  services  specifica¬ 
tion  that  provides  a  common  way  for  sys¬ 
tems  to  access  and  exchange  manage¬ 
ment  information.* 


estate,”  he  says. 

Mythic,  the  creator  of  the  online  role-play¬ 
ing  game  Dark  Age  of  Camelot,  expects  to 
standardize  on  a  blade  architecture  in  time 
for  its  next  major  title,  Imperator,  expected 
in  2006. 

While  blades  have  always  taken  up  less 
space  than  rack-mounted  servers,  the 
extreme  density  of  the  blade  architecture 
has  forced  some  blade  designs  to  use 
cooler,  less  powerful  processors  than  did 
rack  systems.  However,  the  1855  uses  the 
same  processor  as  its  1 U  rack  counterpart. 

“We  were  waiting  for  the  technology  to 
mature,”  Hyrup  says.  “Until  recently  we 
weren’t  sure  we  were  going  to  get  the  per¬ 
formance  and  space  gains  we  had  wanted.” 

Mythic  also  is  interested  in  evaluating  a 
low-power  version  of  the  1855,  which  is 
expected  within  a  few  months,  Hyrup  says. 
He  adds  that  he  expects  the  new  blade  to 
have  significantly  lower  power  require¬ 
ments  than  the  1855,  which  draws  approxi¬ 
mately  15%  less  power  than  the  1850. 

One  major  issue  for  Dell  customers  is  that 
the  new  blade  chassis  does  not  yet  support 
switch  technology  from  Cisco,  says  John 
Enck,  a  research  vice  president  at  Gartner. 
Support  for  this  technology  is  expected  in 
early  2005, but  until  that  time  it  might  make 
these  systems  less  appealing  to  enterprise 
customers,  which  would  have  to  do  more 
work  to  integrate  the  systems  into  their 
Cisco  environments,  he  adds.  “What  you’d 
pretty  much  have  to  do  today  is  cable 
everything  to  the  blade,  which  pretty  much 
bypasses  one  of  the  major  value  proposi¬ 
tions  of  blades,”  Enck  says.  The  FbwerEdge 
1855  chassis  start  at  $3,000,  and  blade 
servers  start  at  $1 ,700. 

McMillan  is  a  correspondent  with  the  IDG 
News  Sera  ice. 
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What  shape  will  technology  take  in  2005? 

Be  the  first  to  see  top  solutions  that  will  affect 
networks  at  an  upcoming  Tech  Tour  event  called 
The  2005  IT  Road  Map. 
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Dell,  Microsoft  join  forces 
on  systems  management 


With  a  wide  variety  of  leading  brands,  fast  shipping  and  knowledgeable  account  managers,  at  CDW  you'll 
find  people  who  are  dedicated  to  getting  you  the  right  technology  for  your  needs — when  you  need  it. 
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Lantronix  SecureLinx™  SLK8 
Remote  KVM™ 


•  Secure,  anywhere  access  to  GUI  on  critical  servers 

•  Advanced  security  features 

•  No  additional  hardware  or  software  needed 

•  Also  available  in  1  -  and  1 6-  port  models 
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Raritan  Dominion  KX™  1-user 
16-port  KVM  Over  IP  Switch 


Enterprise-class  secure  digital  KVM  switch 
BIOS  level  control  of  servers  locally  and 
remotely  over  IP  via  a  Web  browser 
Advanced  feature  set  including  128-bit 
encryption,  remote  power  control  and 
dual  failover  Ethernet 
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Nokia  Secure  Access  System 


Provides  an  SSL  browser-based  solution  to 
enable  secure  remote  access  to  e-mail  and 
applications  for  mobile  employees  and  partners 
Connect  mobile  employees  using  corporate 
laptops  or  home  PCs  quickly  and  securely 
Connect  partners,  suppliers  and  contractors 
to  specific  corporate  applications 
1 0-user  connection  with  1  -year  software 
subscription' 


IMQKIA 

Connecting  People 


$146938 


CDW  51 7998 


THE  RIGHT  TECHNOLOGY.  RIGHT  AWAY."  ►  CDW.com  •  800.399.4CDW 

Sfctte  In  Canada,  call  800.387.21 73  •  CDW.ca 
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.  customer  hereunder  and  the  only  warranties  offered  are  those  of  the  manufacturer,  not  CDW.  All  pricing  is  subject  to  change.  CDW  reserves  the  right  to  make  adjustments  to  pricing,  products  and  service  offerings 
i,  manufacturer  price  changes  and  errors  in  advertisements.  All  orders  are  subject  to  product  availability.  Therefore,  CDW  cannot  guarantee  that  it  will  be  able  to  fulfill  customer's  orders.  The  terms  ana  conditions  of  sale  are  limited 
lal  or  different  terms  in  any  form  delivered  by  customer  is  hereby  given.  ©  2004  CDW  Corporation 
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Vendors  aim  to  tamp  down  spyware 


Blocking  spyware  through  network  filters 


The  UtahTransit  Authority 
discovered  more  than  25,000 
spyware  transmissions  from  600 
desktop  machines  the  month  the 
agency  began  filtering.Through  a 
largely  manual  desktop  spyware- 
eradication  process,  the  transit 
authority  is  bringing  this  nuisance 
under  control. 
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■  Tally  Systems  recently  released 
TS.Census  License  Compliance  Suite 
3.2,  which  gives  users  one  place  to 
track  the  software  they  own,  the  soft¬ 
ware  that  they  have  installed  and  how 
it's  being  used.  The  suite  is  designed 
so  corporations  can  accurately 
assess  licensing  needs  and  control 
costs.  Tally  has  updated  the  Software 
Compliance  Module  with  tools  to  inte¬ 
grate  license  purchase  data  from  SHI 
and  SoftChoice  directly  into  the  suite. 
The  module  also  has  license  alloca¬ 
tion  reports  for  anything  from  a  full 
company  to  a  single  workstation.  The 
Usage  Module  now  tracks  usage  of 
server-based  software.  The  Asset  In¬ 
ventory  tools  include  support  for 
Active  Directory,  and  Tally  has  inte¬ 
grated  its  remote  client  installation 
tool  into  the  suite.  The  software  costs 
$21  per  seat,  per  1,000  users. 

■  Adobe  Systems  by  year-end  is 
scheduled  to  release  Version  7.0  of  its 
Acrobat  products,  including  a  new 
free  Acrobat  Reader  with  reviewing 
capabilities.  The  client  products  all  tie 
in  to  the  company's  Intelligent  Docu¬ 
ment  Platform,  a  set  of  elements 
Adobe  wants  to  use  to  make  PDFs 
with  XML  additions  a  common  way  to 
get  data  in  and  out  of  corporate  sys¬ 
tems.  Acrobat  7.0  Professional  users 
can  create  PDF  files  and  let  Acrobat 
Reader  7.0  users  review  and  comment 
on  them.  The  reader  features  a  new 
reviewing  toolbar  that  can  be  enabled 
when  the  PDF  file  is  created.  Included 
with  Acrobat  7.0  Professional  is 
Adobe  LiveCycle  Designer,  a  tool  to 
design  PDF  forms  that  work  with 
back-end  enterprise  systems  that  use 
XML.  These  special  forms  let  organi¬ 
zations  process  data  sent  in  PDF 
forms,  so  there’s  no  need  to  re-enter 
the  information.  Adobe's  Intelligent 
Document  Platform  competes  with 
Microsoft's  XML  features  in  Office 
and  InfoPath.The  high-end  Acrobat 
7.0  Professional  costs  $449  An  up¬ 
grade  from  selected  preceding  ver¬ 
sions  is  available  for  $159.  Acrobat  7.0 
Standard  is  aimed  at  business  profes¬ 
sionals  and  costs  $299,  with  the 
upgrade  version  priced  at  $99. 


■  BY  ELLEN  MESSMER 

Ever-growing  concern  about  spyware 
spreading  like  wildfire  has  vendors  such  as 
Configuresoft,  LANDesk  Software,  McAfee 
and  TippingPoint  Technologies  rushing  in 
with  an  assortment  of  products  aimed  at 
putting  out  the  conflagration. 

Recent  announcements  include: 

•  TippingPoint’s  spyware  filters  for  its 
UnityOne  intrusion-prevention  system. 

•  McAfee’s  Anti-Spyware  Enterprise 
Edition  Module, an  add-on  that  works  with 
its  anti-virus  software. 

•  Configuresoft’s  spyware  tool  kit  for 
its  Enterprise  Configuration  Manager 
product. 

•  LANDesk’s  Security  Suite  software  that 
helps  users  track  spyware  infiltrations. 

Customers  testing  some  of  these  new 
anti-spyware  products  say  they’re  helpful 
in  controlling  the  blaze  but  not  yet  com- 


■  BY  ANN  BEDNARZ 

An  ERP  consolidation  plan  will  keep  IT 
staff  busy  for  the  next  few  years  at  metal 
distributor  Ryerson  Tull.  The  $2.3  billion 
company,  which  has  grown  through 
acquisitions,  is  replacing  five  major  legacy 
platforms  with  a  single  SAP  installation, 
says  Darell  Zerbe,  CIO  and  vice  president 
of  IT. 

Adding  to  the  complexity  of  the  project 
is  Ryerson  Tull’s  most  recent  deal  —  the 
pending  acquisition  of  Integris  Metals  that 
will  expand  the  Chicago  company  to  a 
nearly  $5  billion  business  with  120  loca¬ 
tions,  Zerbe  says. 

“My  main  thrust  is  to  converge  a  lot  of 
separate  types  of  software  down  into  a 
pretty  standard  look  across  the  entire 
enterprise,”  he  says. 

Zerbe  joined  three  other  IT  executives 
last  week  to  talk  about  technology  spend¬ 
ing  plans  in  a  conference  call  hosted  by 
Morgan  Stanley  analyst  Ross  MacMillan. 

On  the  subject  of  IT  budgets,  the  partici¬ 
pants’  plans  run  the  gamut. 

Glenn  DiBiasi  expects  his  IT  budget  to 
grow  4%  to  5%  in  2005,  compared  with 
1.5%  growth  in  2004.  DiBiasi  is  senior  vice 


prehensive  enough  to  snuff  out  every  dan¬ 
gerous  spark. 

“Spyware  tracks  every  place  that  some¬ 
one  has  been,”  says  Bonnie  Norman,  sys¬ 
tem  security  engineer  at  Wellstar  Health 
System,  who  is  waging  a  battle  against  spy- 
ware  on  about  5,000  desktop  machines 
used  at  the  healthcare  organizations  hos¬ 
pitals  and  clinics  in  the  Atlanta  area.  Well- 


main  thrust  is  to 
converge  a  lot  of  sepa¬ 
rate  types  of  software 
down  into  a  pretty  stan¬ 
dard  look . . .  M 

Darell  Zerbe 

Vice  president  of  IT  and  CIO, 

Ryerson  Tull 

president  and  CIO  at  Aon,  a  $10  billion 
Chicago  company  that  provides  risk  man¬ 
agement  and  human  capital  consulting 
services. 

Some  of  that  money  will  go  toward  re¬ 
placing  a  good  portion  of  Aon’s  desktops 
and  laptops,  DiBiasi  says.  A  CRM  project 
also  might  get  the  go-ahead.  “We  put  a 
placeholder  for  that,  but  it  depends  on 
business  direction,”  he  says. 

One  area  losing  funding  is  the  mainframe, 
DiBiasi  adds.“We  hope  to  move  off  a  lot  of 
those  systems,  so  our  mainframe  spending 
will  go  down  dramatically’  he  says. 

See  Spending,  page  24 


star  uses  the  Internet  to  share  patient  in¬ 
formation  with  authorized  third  parties, 
but  spyware  on  machines  can  record  this 
activity  —  an  unacceptable  proposition 
for  any  hospital,  Norman  says. 

Wellstar,  which  had  used  the  Tipping- 
Point  UnityOne  IPS  at  its  Internet  access 
point  to  block  a  range  of  attacks,  became 
an  early  adopter  two  months  ago  of  the 
spyware  filter  that  TippingPoint  recently 
unveiled. 

When  Wellstar  started  using  the  Unity- 
One  appliance  last  September  to  detect 
and  block  spyware  downloads  and  out¬ 
bound  connections,  the  hospital  system 
logged  8,000  spyware  hits  per  month, she 
says. 

Most  of  the  dozen  spyware  types  Unity- 
One’s  filter  blocked,  including  Bargain- 
Buddy, were  picked  up  by  desktop  users  at 
Web  shopping  sites,  Norman  notes.  IT  staff 
also  make  use  of  log  data  generated  by 
Novell’s  BorderManager  proxy  and  Surf¬ 
Control  and  WebTrends  Web-monitoring 
tools  to  determine  where  spyware  might 
come  from. 

Spyware  tracking 

Wellstar’s  IT  staff  are  busy  tracking  down 
spyware-infected  machines  and  often 
have  to  entirely  re-image  the  desktop  to 
eradicate  the  adware.  This  work  has  re¬ 
duced  the  monthly  spyware  count  to 
about  3,000  hits  per  month. 

Norman  says  the  TippingPbint  IPS  has 
made  it  possible  to  deal  with  a  substantial 
part  of  the  spyware  problem  but  more 
needs  to  be  done.  TippingPoint  agrees, 
promising  to  add  support  for  more  spy- 
ware  types  in  the  coming  year. 

John  Jones,  network  supervisor  at  Utah 
Transit  Authority,  which  is  in  charge  of  the 
Salt  Lake  City-area  bus  and  other  trans¬ 
portation,  also  found  the  TippingPoint  spy- 
ware  filter  resulted  in  a  reduction  but  not 
an  end  to  spyware  on  the  agency’s  600 
See  Spyware,  page  24 
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The  FCC  earlier  this  month  ruled  that 
VoIP  services  generally  cross  state 
borders  and,  even  in  the  cases  where 
they  do  not,  it  is  often  impossible  to  tell. 
Gee,  what  a  revelation! 

Of  course  this  has  been  clear  for  quite  a 
while  to  anyone  who  actually  thought 
about  it  for  more  than  a  few  nanoseconds. 
But  the  FCC  ruling  was  required  to  keep 
state  regulators  from  ignoring  this  reality  in 
their  quest  to  “protect  the  public"  and,  in  a 
total  coincidence  I  assume,  raise  state  rev¬ 
enue.  Even  though  it’s  correct  in  exempting 
VoIP  from  state  regulation,  the  FCC’s  opin¬ 
ion  might  come  back  to  haunt  it. 


Compartmentalizing  the  Internet 


On  Nov.  9,  the  FCC  adopted  a  Memor¬ 
andum  Opinion  and  Order  on  VoIP  service 
provider  Vonage’s  petition  for  a  declaratory 
ruling  requesting  that  the  FCC  pre-empt  an 
order  from  the  Minnesota  utility  commis¬ 
sion  imposing  traditional  telephone  ser¬ 
vice  regulations  on  VoIP  services  (see 
www.nwfusion.com,  DocFinder:  4730).  I 
wrote  about  the  Minnesota  order  shortly 
after  it  happened  (DocFinder:  4731)  and 
mused  about  the  usefulness  of  regulators 
in  light  of  such  orders  (DocFinder:  4732). 
So  I  will  not  repeat  those  points  now. 

The  FCC’s  new  order  noted  that  state  reg¬ 
ulation,  both  in  the  telecom  market  and  in 
general  for  commerce,  was  only  valid  for 
services  confined  within  a  state.  It’s  clear 
that  VoIP  services,  like  those  offered  by 
Vonage,  cannot  generally  be  seen  as  being 
limited  to  in-state,  and  the  FCC  order 
detailed  a  number  of  reasons  that  it  was 
not  feasible  for  a  service  provider  to  know 


if  a  particular  call  originated  and  terminat¬ 
ed  in  one  state.  The  reasons  included  that 
Vonage  users  can  transport  their  equip¬ 
ment  anywhere  and  still  use  it  to  place  or 
receive  calls  and  that  Vonage  offers  cus¬ 
tomers  the  ability  to  use  what  appear  to  be 
local  phone  numbers  from,  let’s  say  New 
York  City  anyplace  they  want  to,  such  as 
Minneapolis. 

The  FCC  recognized  that  the  Minnesota 
order  dealt  with  many  important  issues 
that  needed  to  be  resolved  and  said  that 
the  FCC  would  address  some  of  these  in  its 
forthcoming  overall  IP-enabled  services 
rules.  One  of  those  issues  is  Enhanced  91 1 
(E911). 

The  IETF  is  investigating  aspects  of  the 
E911-over-the-Internet  problem  and  might 
develop  recommendations  and  standards 
in  the  next  year  or  two  and  work  in  the  SIP 
and  Session  Initiation  Proposal  Investiga¬ 
tion  (SIPPING)  working  groups. 


The  FCC  might  come  to  rue  the  day  that 
it  made  many  of  the  arguments  in  this 
order  because  the  same  arguments  can  be 
very  easily  made  to  say  that  VoIP  (and  most 
Internet)  regulation  should  not  be  a 
national  issue. 

Just  like  calling  a  help  desk  for  many 
American  companies  rings  a  phone 
halfway  around  the  world  in  India  there  is 
no  way  to  be  sure  that  the  VoIP  phone  that 
rings  when  you  call  a  number  in  the  212 
area  code  is  in  the  U.S. 

Disclaimer:  Because  it’s  hard  to  out¬ 
source  teaching  in  a  residential  university  I 
don’t  think  Harvard  has  a  direct  opinion 
on  the  trend,  but  I  didn’t  ask  and  the  above 
observations  are  my  own. 

Bradner  is  a  consultant  with  Harvard 
University’s  University  Information 
Systems.  He  can  be  reached  at 
sob@sobco.com. 


Spending 

continued  from  page  23 

IT  budget  growth  also  is  on  tap  for 
health  benefits  provider  Humana. 
Spending  will  likely  rise  slightly  in  2005, 
says  Ray  Daud,  director  of  software  pro¬ 
curement  at  the  $12  billion  health  bene¬ 
fits  company  in  Louisville,  Ky.  Security 
upgrades  and  projects  related  to  com¬ 
pliance  with  the  Sarbanes-Oxley  Act  are 
among  slated  projects,  he  says. 

As  a  health  benefits  company,  Humana 
operates  in  a  highly  regulated  environ¬ 
ment,  so  many  of  the  internal  controls 
required  by  legislation  such  as  the 
Sarbanes-Oxley  Act  already  are  in  place, 
Daud  says. 

Current  initiatives  are  aimed  at  spot¬ 
ting  possible  gaps,  such  as  making  sure 
financial  systems  can  track  transactions 
made  on  the  Web  from  their  origination 
until  they  reach  Humana’s  legacy  plat¬ 
forms.  “Tracking  transactions  and  mak¬ 
ing  sure  there  are  controls  in  place 
every  step  along  the  way  —  that’s  where 
we’re  finding  most  of  our  investments,” 
Daud  says. 

Sarbanes-Oxley  also  is  an  issue  for 
Ryerson  Tull,  which  finds  its  budget  being 
eaten  up  by  the  federal  legislation. 

“We  basically  believe  we  got  through 


More  online! 

Want  to  know  how  federal  compliance  laws  affect  you? 
Tune  into  our  IT  Briefing  Webcast  on  Sarbanes-Oxley 
and  other  regulatory  issues.  Senior  Editor  Ann  Bednarz 
offers  her  expert  insight  on  the  topic. 
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Sarbanes-Oxley  Section  404  this  year  by 
wheeling  in  a  number  of  filing  cabinets 
and  buying  a  few  tons  of  manila  fold¬ 
ers,”  Zerbe  says. 

Next  year  the  company  will  consider 
investing  in  software  to  help  with  the 
process,  but  it’s  not  a  sure  thing.  “We’re 
perfectly  OK  to  live  with  the  sort  of 
brute-force  method  we  used  this  year  if 
the  software  is  too  expensive  or  we  just 
don’t  feel  like  it’s  worth  it.” 

For  the  short  term,  Zerbe’s  IT  budget 
will  remain  flat  or  grow  slightly  in  2005. 
Ryerson  Tull  is  funding  the  big  SAP  con¬ 
solidation  project,  as  well  as  a  compan¬ 
ion  project  to  migrate  to  thin  clients 
using  Citrix  Systems’  MetaFrame  tech¬ 
nology.  So  far,  six  locations  are  up  and 
running,  Zerbe  says. 

But  once  that  effort  is  complete,  the 
budget  trend  will  reverse.  “We’re  antici¬ 


pating  significant  reductions  in  spend¬ 
ing  beginning  with  ’06.  We’re  going  from 
fat  desktops  to  thin,  we’re  going  from 
multiple  legacy  environments  to  one 
new  environment,  and  we’re  going  to  be 
reducing  staff  by  anywhere  from  one- 
third  to  40%, ”  Zerbe  says.  “We’re  looking 
at  taking  a  lot  of  IT  costs  out  in  the 
longer  range.” 

Meanwhile,  IT  spending  will  drop  5%  to 
7%  next  year  at  LSI  Logic,  says  Bruce 
DeCock,  vice  president  and  CIO  at  the 
$1.2  billion  Milpitas,  Calif.,  semiconduc¬ 
tor  maker.  “We  just  had  a  pretty  signifi¬ 
cant  reduction  in  force,  and  that  affected 
IT.  So  we’re  going  to  actually  be  spend¬ 
ing  less,”  he  says. 

LSI  Logic  will  focus  its  IT  monies  on 
strategic  projects,  including  adding 
product  life-cycle  management  software 
to  its  SAP  suite. The  company  also  plans 


to  upgrade  its  customer-facing  portal, 
DeCock  says. 

Fortunately,  not  every  project  takes  big 
bucks.  For  example,  LSI  Logic  plans  to  in¬ 
vest  in  wireless  and  VoIR  but  it  won’t 
break  the  bank  doing  so.  “Those  are 
great  technologies,  but  they  just  don’t 
take  a  lot  of  spending  to  get  them  in 
place,”  DeCock  says. 

Spending  cuts  will  come  from  a 
reduced  head  count,  application  consol¬ 
idation  efforts  and  a  move  to  more  ser¬ 
vices,  DeCock  says. 

A  big  shift  at  LSI  Logic  will  be  in  where 
the  money  for  IT  projects  comes  from, 
DeCock  says.  “Our  message  to  the  user 
community  is  we  want  to  see  more  and 
more  user-funded,  business-funded  pro¬ 
jects,”  he  says.The  IT  department  will  man¬ 
age  projects  but  push  a  lot  of  the  spending 
to  the  business  units.  ■ 


Spyware 

continued  from  page  23 

desktop  machines.TheTippingPoint  appli¬ 
ance  is  a  “wonderful  tool  against  spyware 
but  not  a  silver  bullet,”  Jones  says. 

Both  Wellstar  and  Utah  Transit  Authority 
are  looking  to  add  desktop  anti-spyware 
protection  after  a  review  process  to  locate 
affordable  and  comprehensive  products 
with  enterprise  management  capabilities. 

Other  vendors  attack  problem 

Meanwhile,  Configuresoft  and  LANDesk, 
which  already  compete  in  the  area  of 
desktop  application  management,  are 
stepping  into  the  spyware  arena. 

Configuresoft  last  week  announced  it’s 
offering  a  free  anti-spyware  tool  that 
works  with  its  Enterprise  Configuration 
Manager  to  check  desktops  for  about 
1,400  spyware  types. 

For  its  part,  LANDesk  last  week  an¬ 
nounced  a  product  called  LANDesk 
Security  Suite  to  chase  down  about  10,000 


spyware  types  based  on  a  policy  that  can 
be  set  by  IT  managers.The  product,  which 
also  is  intended  for  patching  and  vulnera¬ 
bility  assessment,  is  expected  to  ship  next 
month.  Pricing  has  not  been  determined. 

One  of  the  largest  anti-virus  vendors, 
McAfee,  has  geared  up  for  the  spyware 
chase  with  the  announcement  last  week 
of  Anti-Spyware  Enterprise  Edition  Mod¬ 
ule,  a  spyware  detection  and  eradication 
module  that  works  with  McAfee’s  anti¬ 
virus  software,  VirusScan  Enterprise  8.01 
and  the  older  7.1. 

McAfee,  which  prefers  to  refer  to  spy- 


ware  as  “potentially  unwanted  programs,” 
expects  to  ship  the  Anti-Spyware  module 
by  year-end. 

John  Bedrick,  McAfee  marketing  manager 
for  systems  security,  says  the  Anti-Spyware 
Enterprise  Edition,  priced  at  $15  per  seat, 
will  be  host-based  software  that  can  be 
managed  by  McAfee’s  two  management 
consoles,  ePolicy  Orchestrator  and  Pro¬ 
tection  Pilot. 

“You’ll  be  able  to  get  reports  on  spy- 
ware,”  Bedrick  says,  adding  the  total  num¬ 
ber  of  spyware  types  targeted  by  the  prod¬ 
uct  is  still  being  developed.  ■ 
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■  REGULATORY  AFFAIRS  ■  CARRIER  INFRASTRUCTURE 


IPv6  product  testing  needed,  experts  say 


■  BY  CAROLYN  DUFFY  MARSAN 

IPv6  products  need  more  conformance 
testing.  That’s  the  conclusion  of  network 
industry  heavy  hitters  AT&T,  Cisco,  Juniper, 
Lucent,  Microsoft  and  others,  which  are 
developing  products  that  support  IPv6,  the 
next  generation  of  the  Internets  main  com¬ 
munications  protocol. 

Sixteen  vendors  recently  completed  a 
third  round  of  interoperability  tests  on 
Moonv6,  the  largest  native  IPv6  backbone. 
Moonv6  is  a  joint  operation  of  the  Univer¬ 
sity  of  New  Hampshire  (UNH)  Interoper¬ 
ability  Laboratory  the  Department  of  De¬ 
fense,  the  North  American  IPv6  Task  Force 
and  the  Internet  university  consortium. 

The  latest  round  of  tests  involved  approx¬ 
imately  80  servers,  switches  and  routers  at 
10  military  and  university  sites  from  New 
Hampshire  to  Arizona.  Moonv6  was  found¬ 
ed  last  year  and  has  held  prior  interoper¬ 
ability  test  events  in  March  2004  and 
October  2003. 

The  latest  tests  ventured  into  new  areas, 
including  VoiPwireless  LANs  and  streaming 
video  via  multicast.  Several  firewall  features 
were  tested,  as  well  as  specific  protocols, 
including  IPSec,  DNS  and  Dynamic  Host 
Configuration  Protocol.  Routing,  tunneling 
and  QoS  were  included. 

The  Moonv6  consortium  will  issue  a 
report  on  the  latest  tests  next  month. 

“The  underlying  infrastructure  of  IPv6  is 
solid,”  says  Erica  Williamsen,  Moonv6  tech¬ 
nical  manager.The  real  work  needed  now 
is  for  vendors  to  fine-tune  their  implemen¬ 
tations  and  interoperability,  and  for  service 
providers  to  adopt  and  deploy  it.” 

The  Moonv6  tests  are  designed  to  help 
boost  commercial  deployment  of  IPv6, 
which  is  lagging  in  the  U.S.  behind  Europe 
and  Asia.  The  only  major  U.S.  organization 
to  commit  to  IPv6  is  the  Defense  Depart¬ 
ment,  which  has  a  policy  that  requires  all  of 
its  network  hardware  and  software  to  be 
IPv6-compliant  by  2008. 

Developed  by  the  IETF  IPv6  promises  eas¬ 
ier  administration,  tighter  security  and  an 
enhanced  addressing  scheme  over  IPv4, 
the  Internet’s  current  protocol.  IPv6,  which 
uses  a  128-bit  addressing  scheme,  supports 
a  virtually  limitless  number  of  uniquely 
identified  systems  on  the  ’Net,  while  IPv4 
supports  only  a  few  billion  systems 
because  it  uses  a  32-bit  addressing  scheme. 

Moonv6  testers  —  which  included  about 
30  network  engineers  from  vendors,  UNH 
and  the  Defense  Department  —  found 
configuration  issues  with  several  IPv6 


applications,  partici¬ 
pants  say 

“There  were  lots  of 
configuration  and  stabili¬ 
ty  issues  with  VoIP,”  says 
Gerard  Goubert,  voice 
and  wireless  manager  at 
the  UNH  lab.  “From  our 
side,  the  network  was 
fine  but  some  remote 
sites  had  problems.” 

Goubert  says  the  VoIP 
configuration  problems 
were  expected  because 
the  technology  is  so  new 

“It  was  mostly  just  configuration  of  the 
test  equipment  so  it  would  fit  into  the  sce¬ 
nario  we  were  trying  to  test,”  Goubert  says. 
“It  was  nothing  strange  or  abnormal.” 

Getting  VoIP  to  work  over  IPv6  is  impor¬ 
tant,  says  Mark  Fishburn,  vice  president  for 
technical  strategy  at  Spirent  Communica¬ 
tions,  which  provides  test  methodology 
and  equipment  to  Moonv6. 

“The  No.  1  service  that  service  providers 
intend  to  deploy  next  year  is  voice-based 
services,  and  [IPv6]  could  be  an  important 


element  of  that,” 
Fishburn  says.  “IPv6  is 
real  for  us  because 
service  providers  are 
testing  it,  and  equip¬ 
ment  manufacturers 
are  putting  it  into  their 
products.” 

Moonv6  testers 
found  some  firewalls 
were  not  implement¬ 
ing  IPv6  stateful  func¬ 
tionality  requirements 
correctly  and  that 
some  IPv6  applica¬ 
tions  didn’t  support  user  authentication. 

But  the  IPv6  multicasting  tests  went 
smoothly 

“Once  we  had  it  all  configured,  multicast 
worked  on  the  first  try  and  we  ran  it  for  sev¬ 
eral  days  straight,”  Goubert  says.“I  was  very 
impressed.  We  had  13  machines  running 
multicast.” 

Moonv6  participants  also  ran  the  first  test 
of  iSCSI, an  emerging  network  back-up  and 
storage  protocol,  over  IPv6.  Microsoft  engi¬ 
neers  involved  in  the  iSCSI  test  formatted 


and  mounted  a  remote  disc  over  IPv6 
using  iSCSI  and  then  copied  files  to  it  as  if 
it  were  a  local  disc.  Four  discs  were  con¬ 
nected  at  once. 

Moonv6  organizers  say  network  vendors 
need  to  refine  their  IPv6  implementations 
to  improve  the  interoperability  of  their 
products  with  those  from  other  compa¬ 
nies.  However,  they  say  they  have  discov¬ 
ered  no  major  technical  roadblocks  for 
IPv6  deployment. 

“The  major  hurdles  that  we’ve  encoun¬ 
tered  are  more  configuration-related  than 
protocol-related,”  Williamsen  says.  “But 
users  are  going  to  have  to  learn  IPv6.  It’s  not 
a  simple  transition.” 

Williamsen  says  continued  IPv6  confor¬ 
mance  testing  will  make  it  easier  for  enter¬ 
prise  network  managers  to  deploy  IPv6 
applications. 

“There’s  a  great  need  for  future  testing  in 
firewalls,  security,  IPSec  and  newer 
applications  like  [Session  Initiation 
Protocol],  multicast  and  streaming  video,” 
Williamsen  says. 

The  current  round  of  tests  ran  from  Oct. 
30  until  Nov.  12.1 


Moonv6  test  set 

The  following  protocols 
were  among  those  tested: 


802.11  wireless  LANs 

Ethernet  networks 

IPSec  between  firewalls 

DHCP 

DNS 

iSCSI 


Presence  technologies  and  the  Global  Grid 


EYE  ON  THE 
CARRIERS 

Johna  Till 
Johnson 


I’m  a  big  believer  in  historical  cycles, 
particularly  when  it  comes  to  technol¬ 
ogy  True,  nothing  ever  happens  exactly 
the  same  way  twice,  but  tech  trends  have  a 
way  of  being,  in  the  immortal  words  of  Yogi 
Berra, “deja  vu  all  over  again.” 

As  a  physics  grad  student  in  the  1980s,  I 
discovered  the  Internet  as  a  way  to  get  data 
back  and  forth  from  the  accelerator  in 
Fermilab  where  my  experiments  ran.  1 
spent  the  next  10  years  trying  to  convince 
people  that  this  thing  called  the  Internet 
would  change  the  way  we  live  and  work. 

Today  I’m  having  the  same  conversation 
about  presence  technologies.  The  argu¬ 
ments  against  presence  today  are  about 
the  same  as  those  against  the  Internet:  It’s 
just  for  geeks  (or  kids).  It’ll  never  work.  And 


what  do  we  need  it  for,  anyway? 

As  before,  some  of  the  earliest  adopters 
include  the  federal  government,  particu¬ 
larly  the  Department  of  Defense.  As  noted 
in  previous  columns,  contrary  to  popular 
belief  the  Defense  Department  didn’t 
invent  the  Internet,  but  DARPA  and  its 
researchers  recognized  the  defense  applic¬ 
ability  of  distributed  networks. 

Ditto  for  presence.  During  Gulf  War  II, 
when  most  corporations  had  barely  heard 
of  instant  messaging,  soldiers  and  their 
commanders  were  using  it  regularly  to  get 
instantaneous  insight  into  battlefield 
events.  Now  the  Defense  Department  has 
announced  plans  for  a  Global  Information 
Grid,  a  satellite-based  system  designed  to 
provide  a“God’s-eye  view”of  the  battlefield. 

Will  it  work?  Internet  pioneer  Vint  Cerf 
has  expressed  skepticism.  He  and  others 
remind  us  that  previous  highfalutin  satel¬ 
lite  schemes  have  imploded:  Remember 
Iridium,  the  much-hyped  Motorola  satellite 
service  that  went  belly  up  in  2000? 

But  let’s  assume  the  government  is  now 
savvy  enough  to  couple  presence  to  the 
satellite  grid.  Envision  soldiers  in  battle  — 
or  spies  undercover  —  with  minicams  in 


their  headgear,  constantly  uploading  what 
they’re  seeing  and  doing  into  a  network  of 
distributed  presence  directories  backed 
by  data-crunching  servers.  Imagine  a  gen¬ 
eral  receiving  first-person  input  from  a 
fighter  on  the  front  lines.  Picture  a  soldier 
requesting  and  receiving  real-time  data 
about  targets. 

Now  imagine  what  that  same  technology 
could  do  for  retail,  distribution,  hospitality 
or  healthcare  organizations  —  or  any  com¬ 
pany  that  blends  knowledge  work  with 
logistics.  Like  the  Internet,  presence  tech¬ 
nologies  have  the  potential  to  change  the 
way  we  live  and  work. 

Oh,  and  Iridium?  It’s  doing  fine.  After  sell¬ 
ing  its  assets  to  a  venture  firm  in  late  2000, 
the  reconstituted  company  is  on  the  path 
to  profitability  with  more  than  100,000  sub¬ 
scribers,  thanks  to  contracts  with  the  gov¬ 
ernment  and  various  maritime  and  avia¬ 
tion  firms.  And  one  of  its  topselling  ser¬ 
vices  is  short  message  service. 

Johnson  is  president  and  chief  research 
officer  at  Nemertes  Research,  an  indepen¬ 
dent  technology  research  firm.  She  can  be 
reached  at  johna@nemertes.com. 
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VOICE  OVER  IP  SOLUTIONS 


Use  The  Internet  To  Save 
Money  On  Phone  Calls! 
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Make  the  most  of  your  high-speed  Internet  service!  Use  the 
latest  Voice  over  IP  (VoIP)  technology  from  Linksys  to  cut  your 
phone  bill.  Simply  plug  the  Linksys  Phone  Adapter  into  your 
router  and  connect  a  standard  telephone. 

When  you  sign  up  for  a  Voice  over  IP  service 
package*,  you'll  get  great  features  like: 

•  Unlimited  local  and  long 
distance  calling. 

•  Free  Voice  Mail,  Caller  ID, 
and  more. 

•  Great  International  rates! 
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Visit  www.Linksys.com/Voice  for 
details,  or  call  our  Advice  Line  at: 

1-800-546-5797 


*  A  Voice  over  IP  service  package  from  a  specific  provider  is  required,  and  sold  separately.  Linksys  is 
a  registered  trademark  or  trademark  of  Cisco  Systems,  Inc.  and/or  its  affiliates  in  the  U.S.  and  certain 
other  countries.  Copyright  ©  2004  Cisco  Systems,  Inc.  All  rights  reserved. 
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FOR  TYING  TELEWORKERS  TO  THE  ENTERPRISE 


FCC  ruling  stirs  up  VoIP  competition 


Consumer  VoIP  vaults 

By  the  end  of  2008,  IDC  expects  14  million  consumers  will  subscribe  to 
VoIP  services.  The  analyst  firm  says  its  projections  were  not  affected 
by  the  latest  FCC  ruling. 
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■  BY  STEPHEN  LAWSON 


The  FCC’s  Nov.  9  decision  to  preempt 
state  regulation  of  VoIP  operators  should 


■  KeyCompilting  has  announced 
Xkey  Security  Edition,  a  secure 
USB  flash  drive  that  lets  users  safely 
access  data  and  Web  applications 
from  untrusted  computers.  Data  on 
the  Xkey  is  encrypted  with  128-bit 
Advanced  Encryption  Standard  and 
protected  by  a  complex  password. 
The  device  stores  and  uses  digital 
certificates  to  authenticate  to  Web 
applications  and  VPN  clients,  and  for 
digital  signatures  and  encrypting 
e-mail.  Xkey  neutralizes  key-loggers 
and  text  grabbers,  and  ensures  traces 
of  the  browser  session  are  deleted. 
When  the  Xkey  is  removed,  all  brows¬ 
er  sessions  are  terminated.  Available 
next  month,  the  256M-byte  Xkey  costs 
$175;  the  2G-byte  costs  $450. 

■  Qwest  has  announced  Qwest  Re¬ 
mote  Access,  a  service  that  lets 
mobile  and  remote  workers  connect 
to  corporate  VPNs  using  Qwest’s 
global  dial-up,  broadband  and  Wi-Fi 
services.  A  management  portal  and 
client  software  lets  network  execu¬ 
tives  enforce  access  rights  and 
ensure  remote  workers  have  the  lat¬ 
est  anti-virus  and  firewall  security 
policies. 

■  Linksys  has  announced  its  802.1 1g 
CompactFlash  Card  for  Pocket 
PCs  and  PDAs.  The  CF  Card  installs 
using  a  CompactFlash  Type  II  slot, 
supports  128-bit  Wired  Equivalent  Pri¬ 
vacy,  and  works  with  Windows  Mobile 
2002  or  higher  operating  systems. 
Built-in  power  management  helps 
save  battery  power.  And  Linksys  says 
in  ad  hoc  mode,  the  device  lets  users 
download  data  from  a  wireless  PC 
without  a  wired  cradle  or  network 
connection,  and  share  data  with  other 
wireless  PDAs. 


result  in  more  choices  and  lower  prices  to 
telecom  customers,  with  particular  benefit 
to  telecommuters,  according  to  industry 
analysts,  service  providers  and  equipment 
vendors. 

The  decision  already  has  opened  the 
pocketbooks  of  two  VoIP  companies  look¬ 
ing  to  expand  their  offerings.  Pulver.com, 
founded  by  Internet  telephony  pioneer  Jeff 
Pulver,  plans  to  launch  a  prepaid  calling 
service  called  LibreTel  by  early  December, 
and  Vonage  Holdings  plans  to  expand  its 
leased-fiber  network  to  offer  higher-quality 
calls  and  local  phone  numbers  in  more 
locations. 

Vonage  was  the  immediate  winner  in  the 
ruling,  in  which  the  FCC  granted  the  com¬ 
pany’s  petition  that  its  DigitalVoice  service 
should  be  exempt  from  traditional  tele¬ 
communications  carrier  regulation  by  the 
Minnesota  Public  Utilities  Commission. 
Among  other  things,  the  regulations  would 
have  required  Vonage  to  get  a  license  to 
operate  in  the  state.  Services  such  as 
DigitalVoice,  which  lets  subscribers  make 
and  receive  calls  over  a  broadband  con¬ 
nection  from  anywhere  in  the  world, 
should  not  be  regulated  by  both  state  and 
federal  governments  because  it’s  impossi¬ 
ble  to  distinguish  between  local  and  long¬ 
distance  calls,  the  FCC  said. 

The  decision,  which  also  cited  the  FCC’s 
deregulatory  policies  and  the  federal  gov¬ 
ernment’s  policies  to  promote  Internet 
development,  had  been  expected  to  favor 
Vonage.The  fight  over  how  to  regulate  VoIP 
is  far  from  over,  but  the  latest  ruling  should 
clear  up  some  uncertainty  and  benefit  the 
VoIP  industry  analysts  and  industry  execu¬ 
tives  say 

“Effectively, everyone’s  been  green-lighted 
now  to  go  and  launch  their  products,”  says 
Pulver,  president  and  CEO  of  Pulver.com. 
Even  though  the  industry  still  is  waiting  for 
a  broader  FCC  decision  on  whether  VoIP 
should  be  regulated  as  a  telecom  or  a  data 
service,  he  adds,  “There’s  a  window  of 
opportunity  for  people  to  come  out  and 
offer  services  and  not  worry  about  what’s  at 
the  state  level.”  Pulver.com’s  own  free  VoIP 
service,  Free  World  Dialup,  got  a  favorable 
ruling  earlier  this  year  when  the  FCC 
exempted  it  from  most  regulation.  Unlike 
most  VoIP  services,  Free  World  Dialup  is 
free  and  allows  calls  only  between  sub¬ 
scribers. 

Pulver  says  the  new  prepaid  LibreTel  ser¬ 
vice  will  offer  a  “virtual”  phone  number 
and  unlimited  VoIP  calls  for  a  flat  monthly 


fee.  Had  LibreTel  required  state  approvals, 
Pulver.com  would  have  had  to  post  bonds 
of  millions  of  dollars  in  some  cases. 

“I  saw  no  value  in  pushing  the  envelope 
until  there  was  certainty  Pulver  says.  “The 
administrative  cost  of  the  service  would  far 
outweigh  any  profit  margins  I’d  have.” 

Vonage  has  held  off  investing  in  new 
infrastructure  until  the  decision  was  made, 
says  CEO  Jeffrey  Citron.  The  DigitalVoice 
service  can  reach  any  phone  by  handing 
off  calls  to  the  public  telephone  network, 
but  in  areas  where  Vonage  has  its  own  net¬ 
work  it  can  provide  local  numbers.  These 
let  Vonage  subscribers  establish  a  virtual 
local  presence  so  relatives,  friends  and 
business  associates  can  call  them  at  local 
rates.  Now  Vonage  plans  to  expand  its  net¬ 
work  to  Iowa,  Maine,  North  Dakota  and 
other  states,  according  to  Citron. 

David  James  of  Netgear,  which  supplies 
VoIP  equipment  to  consumers  and  small 
businesses,  expects  to  see  big  incumbent 
carriers  and  cable  operators  dive  in 
nationally  and  take  advantage  of 
economies  of  scale.  Having  to  accommo¬ 
date  regulators  in  each  state  would  have 
slowed  them  down  and  prevented  consis¬ 
tent  nationwide  pricing  and  marketing, 
says  James,  Netgear’s  director  of  broad¬ 
band  services  products. 

Verizon  Communications,  which  offers  its 
own  VoIP  service,  welcomed  the  decision. 
Having  to  go  through  state  regulators 
would  impose  costs  and  delays  on  service 
providers,  so  removing  that  requirement 
should  help  drive  down  prices,  says 
spokesman  Eric  Rabe.  However,  the  FCC’s 
policies  aren’t  yet  fully  clear,  he  says. 

Competition  and  lower  prices  are  espe¬ 
cially  good  news  for  telecommuters,  who 
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can  use  VoIP  to  easily  set  up  a  work  phone 
at  home  without  having  to  buy  a  conven¬ 
tional  second  line  from  the  phone  compa¬ 
ny  says  In-Stat/MDR  analyst  Daryl  Schoolar. 
VoIP  services  also  can  provide  enterprise 
phone  extensions  wherever  an  employee 
travels  with  a  VoIP  phone.  Those  benefits 
also  carry  over  to  small  businesses,  which 
can  get  a  broadband  connection  and  set 
up  several  lines  quickly  and  easily 

These  new  abilities  are  part  of  a  gradual 
trend  toward  new  presence  technologies 
for  telecommuters,  eventually  including 
videoconferencing  through  VoIR  says 
Malachy  Moynihan,vice  president  of  engi¬ 
neering  and  product  marketing  at  Cisco/ 
Linksys. 

Even  so,  analysts  and  executives  cau¬ 
tioned  against  jumping  to  conclusions 
from  the  decision. The  FCC  hasn’t  issued  a 
detailed  ruling  on  the  Minnesota  case  yet, 
although  IDC  analyst  Will  Stofega  expects 
one  to  come  by  year-end.  Big  questions 
loom  on  emergency  91 1  service  and  gov¬ 
ernment  subsidies  for  universal  phone  ser¬ 
vice.  In  its  statement  on  the  decision,  the 
FCC  wrote  that  911,  universal  service  and 
other  issues  would  be  addressed  in  its 
broader  IP-Enabled  Services  Proceeding, 
which  will  begin  in  February  2005. 

Many  issues,  even  involving  state  taxes 
and  franchise  fees,  are  still  up  in  the  air,  In- 
Stat’s  Schoolar  says. 

“It’s  a  good  first  step  because  at  least  you 
know  who  [service  providers]  have  to  deal 
with,”  he  says. “By  no  means  does  it  mean 
that  they’re  off  scot-free  and  aren’t  going  to 
be  paying  taxes  in  the  future." 

Lawson  is  a  correspondent  with  the  IDG 
News  Sewice. 
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Middleware  is  Everywhere.  Can  you  see  it? 


,  IBM,  the  IBM  logo,  WebSphere,  the  On  Demand  logo.  Express  Middleware,  and  Express  Portfolio  are  registered  trademarks  or  trademarks  of  International  Business  Machines  Corporation  in 
the  United  States  and/or  other  countries.  Based  on  IBM  pricing  for  U  S.  only,  including  sottware  maintenance  and  technical  support.  Check  with  your  local  IBM  representative  for  actual  pricing 
Business  Partner  prices  may  vary. «  2004  IBM  Corporation.  All  rights  reserved.  """  ° 


IBM  Express  Middleware"  | 

IBM  EXPRESS  MIDDLEWARE™  IS  SOFTWARE. 

Software  like  WebSphere®  Express  that’s  designed 
to  help  mid-sized  businesses  connect  their  processes 
to  meet  business  goals.  On  demand.  Designed  to  work 
with  the  IT  systems  you  have.  Designed  to  be  installed 
quickly  and  easily,  with  prices  starting  at  $600!  Ask  your 
Business  Partner  about  it  -  or  you  might  miss  the  boat. 

1.  Crates  of  patio  furniture  scanned. 

2.  Quantities  verified  on  secure  database. 

3.  Timetables  confirmed  online. 

4.  Inventory  added  to  order  automatically. 
5.1,200  plastic  chairs  en  route  to  Key  West. 

Ask  your  Business  Partner  about  us  or  learn  more  at  ibm.com/middleware/express  EI3  demand  express  portfolio’ 

BUILT  FOR  MID-SIZED  BUSINESS 
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802.1 1  n  throttles  up  WLAN  throughput 


HOW  IT  WORKS 


802.1  In 


The  forthcoming  IEEE  802.11n  standard  promises 
throughput  of  at  least  100M  bit/sec.  The  two  leading 
proposals,  WWise  and  TGn  Sync,  both  use  two  transmit 
and  receive  antennas  but  differ  in  the  size  of  their 
preambles  and  degree  of  packet  aggregation. 


Transmitter 


© 


Receiver 
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CD  Using  TGn  Sync,  a  transmitter  aggregates  data  packets  into  longer  units  with  a  preamble  added  (P-preamble, 
D-data)  and  split  into  multiple  streams. 

CD  Alternatively,  using  WWise  the  transmitter  aggregates  data  packets  into  longer  units  with  added  preambles 
(shorter  than  TGn  Sync)  and  split  into  multiple  streams. 

©  The  transmitter  transmits  the  data  via  different  antennas  using  the  same  bandwidth  at  the  same  time. 

©  The  signals  travel  over  many  different  paths,  and  are  reflected  off  different  objects,  eventually  arriving  at  the 
receive  antennas. 

©  The  receiver  receives  and  jointly  processes  the  signals  to  separate  the  transmitted  streams,  which  are  then 
recombined  to  generate  the  output  data. 


■  BY  JACK  WINTERS 

The  drive  for  higher  throughput  in  wire¬ 
less  LANs  has  pushed  the  IEEE  to  develop 
802.1  In,  a  new  version  of  the  802.11  stan¬ 
dard  that  promises  throughput  in  excess  of 
100M  bit/sec  in  20-MHz  to  40-MHz  of  band¬ 
width.  This  standard  would  permit  very- 
high-speed  interconnection  of  wireless 
devices  over  distances  of  300  feet  or  more. 

Current  IEEE  802.1  la/g  WLANs  operate 
with  raw  data  rates  up  to  54M  bit/sec,  but 
the  actual  throughputs  are  generally  no 
more  than  20M  bit/sec.  Although  fine  for 
many  applications,  interconnection  de¬ 
vices  with  higher  data  rates,  particularly 
HDTV  and  streaming  video,  can  require 
throughputs  of  100M  bit/sec  and  higher. 
Achieving  this  throughput  within  the  unli¬ 
censed  channel  of  20  MHz  requires  im¬ 
provements  in  the  physical  layer  (that  is,  the 
raw  data  rate)  and  the  efficiency  of  the 
media  access  control  (MAC)  layer, such  that 
the  throughput  is  closer  to  the  raw  data  rate. 

One  technique  to  increase  MAC  efficien¬ 
cy  involves  aggregating  packets  so  the  data 
is  sent  in  longer  units,  decreasing  the  over¬ 
head  of  the  packet  preambles. 

The  most  practical  method  to  increase 
the  raw  data  rate  is  a  technique  called  mul¬ 
tiple  input/multiple  output  (MIMO).MIMO 
uses  multiple  transmit  and  receive  anten- 


Correction 


IH  The  story  "App  routers  integrate  data 
in  a  snap"  (Nov.  15,  page  41)  should 
have  listed  the  author's  e-mail  address 
as  fred.meyer@castironsys.com. 


nas  to  create  multiple  spatial  channels 
between  a  transmitter  and  receiver.  In  the 
multi-path  environment  in  which  WLANs 
operate,  by  using,  for  example,  four  transmit 
and  four  receive  antennas, data  rate  can  be 
quadrupled  within  the  same  bandwidth, 
using  the  same  transmit  power. 

At  an  IEEE  standard  meeting  last  Septem¬ 
ber,  four  complete  and  28  partial  proposals 
for  802.1  In  were  presented. The  proposals 
will  be  evaluated  and  converged  in  a  final 
proposal  during  subsequent  meetings  that 
will  occur  every  two  months.The  two  com¬ 
plete  proposals  with  most  of  the  support 
are  the  WWise  and  TGn  Sync  plans.  These 
two  proposals  include  a  common  two 
transmit,  two  receive  antenna  mode  in  20- 
MHz  channels. 

These  two  proposals  differ  in  many 
aspects,  though,  including  their  preambles 
and  degree  of  packet  aggregation.  For 
example,  TGn  Sync  uses  longer  data  unit 
lengths  (about  eight  to  32  times  longer) 
with  longer  preambles  (up  to  two  times 
longer  for  more  robustness)  than  WWise. 

In  addition,  the  other  complete  and  par¬ 
tial  proposals  contain  a  variety  of  tech¬ 
niques,  such  as  transmit  beam  forming, 
each  with  advantages  and  disadvantages. 
The  802.1  In  proposals  are  similar  enough 
that  reaching  a  compromise  proposal 
appears  feasible.  A  number  of  optional 
modes  might  need  to  be  included, though. 

Some  proposed  modes  include  four 
transmit/receive  antennas  in  2-MHz  to  20- 
MHz  channels  for  data  rates  in  excess  of 
500M  bit/sec,  showing  the  power  of  MIMO 
to  provide  extremely  high  data  rates. 

Even  though  the  standard  is  not  expect¬ 
ed  to  be  completed  until  2007,  so-called 
pre-n  equipment  is  being  marketed,  and 
more  companies  are  expected  to  intro¬ 


duce  pre-n  gear  before  the  standard  is 
approved.  Although  the  final  standard  will 
most  likely  differ  from  these  products,  they 
use  the  term  pre-n  because  they  use  MIMO 
(which  is  included  in  the  two  main  pro¬ 
posals  and  will  likely  be  in  the  final  stan¬ 
dard)  and  achieve  data  rates  much  higher 
than  802.1  la/g. 

This  certainty  also  permits  an  802.1  In 
analog  radio  frequency  front  end  to  be 
designed  well  before  the  standard  is 
approved,  with  the  much-shorter-devel- 


opment-cycle  digital  circuitry/software 
finalized  with  the  standard.  802.1  In 
could  cost  more  than  twice  that  of 
802.1  la/g,  because  the  multiple  RF 
chains  required  with  MIMO  have  not 
seen  the  dramatic  cost  reductions  of  dig¬ 
ital  circuitry. 

Winters  is  chief  scientist  at  Motia.An  IEEE 
Fellow  and  a  member  of  the  IEEE  802. 1  In 
Working  Croup,  he  can  be  reached  at  jwin 
ters@motia.com. 


Dr.  Internet  By 


Steve  Blass 


Where  can  I  find  an  alternative  to  Apache  Format 
Objects  Processor  to  produce  PDF  files  from  XML 
documents  using  Java  ? 

IText  (www.lowagie.com/iText/),  an  open  source 
library  that  can  produce  PDF  documents  dy¬ 
namically  from  Java  programs,  is  available  in 
ready-to-use  pre-compiled  binary  format  and 
source  code.  From  the  iText  Web  site,  download 
the  two  jar  files  that  make  up  iText,  found  in  the 


Download  section  of  the  page.  Place  the  jar 
files  in  a  directory  that  is  part  of  your  Java 
Classpath.  To  use  the  library,  download  the 
Hello  World  example  named  ChapOIOl.java 
located  at  the  top  of  the  iText  tutorial  page.  The 
example  is  a  stand-alone  Java  application  that 
will  create  a  PDF  file  containing  the  words 
"Hello  World"  when  executed.  To  build  and  run 
the  example  in  Eclipse,  create  a  Java  Project 
containing  the  two  jar  files  and  the  example  file, 


add  the  jar  files  to  the  Java  Build  Path  using  the 
Project  Properties  menu,  and  run  the  applica¬ 
tion  to  create  ChapOIOI  pdf.  The  iText  tutorial 
pages  provide  several  examples  of  how  to  apply 
the  steps  demonstrated  in  the  Hello  World 
tutorial. 

Blass  is  a  network  architect  at  Change@Work  in 
Houston.  He  can  be  reached  at  dr.inlernet@ 
changeatwork.  com. 
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Technology  Update 


Halt!  Who  goes  wirelessly? 
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Problems  with  users  fall  into  two  cate 
gories:  Those  caused  because  users 
are  clueless  and  those  caused 
because  users  have  half  a  clue.  The  latter 
group  is  at  least  as  dangerous  as  the  former 
and  often  more  so. 

What  youd  really  like  to  do  is  put  locks 
on  all  the  PC  cases,  remove  all  CD  and 
floppy  drives,  super-glue  any  and  every 
cable  into  its  socket,  weld  covers  over  every 
unused  port  and  have  a  standing  rule  that 
any  user  who  does  anything  to  the  equip¬ 
ment  gets  brought  before  the  support  desk 
and  given  20  lashes.  Alas,  such  power  will 
exist  only  in  your  dreams. 

Anyway  the  current  half-clued  user  trans¬ 
gression  we  are  wrestling  with  is  unautho¬ 
rized  wireless  extensions  to  corporate  net¬ 
works.  The  problem  is  that  802. 1 1  access 
points  have  plummeted  in  price,  making  it 
easy  for  any  user  with  even  the  most  micro¬ 
scopic  discretionary  budget  to  buy  one. 

So  how  do  you  keep  tabs  on  authorized 
wireless  networks  and  detect  unauthorized 


access  points,  ad  hoc  networks  and  wire¬ 
less  clients?  Some  of  the  newfangled  wire 
less  LAN  switches  have  this  capability  built 
in,  but  the  best  stand-alone  tool  we’ve 
found  so  far  is  from  Highwall Technologies. 

Highwall’s  solution  consists  of  a  box 
called  the  Sentinel  with  optional  Scout 
Antennas.The  Sentinel  can  detect  802.1  la, 
b  and  g  wireless  traffic  and  runs  an  embed¬ 
ded  version  of  Linux.  It  has  two  RJ45 
lOBaseT  interfaces  that  support  Power 
over  Ethernet  and  a  coaxial  connection 
(which  supports  power  over  coaxial). The 
coaxial  connection  links  to  the  Scout 
Antennas,  which  are  used  to  extend  the 
coverage  of  the  Highwall  system. 

The  Web-based  Highwall  Management 
Server  provides  the  management  console 
interface.  This  requires  Microsoft  SQL 
Server  under  Microsoft  Server  2000  or  high¬ 
er  with  Internet  Information  Server  and 
ASPNet. 

Configuring  the  Sentinel  hardware  re¬ 
quires  you  to  browse  to  the  default  address 
of  192.168.0.33:10000  and  change  the 
address  to  be  static  or  DHCP-allocated.  We 
wish  vendors  would  default  to  using  DHCP 
—  it  would  make  life  so  much  simpler. 

Installing  the  server-based  management 
console  software  is  fairly  easy  although  you 
must  ensure  that  SQL  Server  is  configured 


for  mixed-mode  authentication  (Windows 
and  SQL  Server  authentication) .  Otherwise, 
the  Highwall  installation  process  will  exit, 
requiring  you  to  start  the  installation  again. 

Once  the  management  console  is 
installed,  you  must  edit  the  configuration 
file  with  Windows  Notepad  or  similar  to 
specify  the  addresses  of  the  Sentinels,  and 
other  operational  parameters.  When  you 
have  finished  editing  the  configuration  file 
you  can  access  the  management  console 
through  your  Web  browser. 

We  could  see  every  operating  access 
point,  ad  hoc  network  and  wireless  client 
in  our  vicinity  We  could  see  all  the  pub¬ 
lished  Service  Set  Identifiers  (the  wireless 
network  identifiers),  equipment  vendors, 
wireless  channels,  media  access  control 
addresses  and  IP  addresses  assigned  to 
non-Wired-Equivalent-Privacy-protected 
networks.  And  we  could  label  all  the 
access  points  and  clients  so  we  could  filter 
the  lists  of  equipment  as  being  rogue, 
domestic  or  foreign. 

The  management  console  displays  alerts 
for  each  newly  encountered  wireless 
device  and  network,  and  lets  you  examine 
the  data  and  classify  it  for  future  reference. 

Although  we  didn’t  try  the  Scout  Anten¬ 
nas,  they  are  supposed  to  be  able  to 
locate  the  physical  position  of  wireless 


devices  to  within  10  feet.They  are  said  to 
allow  coverage  of  buildings  of  more  or 
less  any  size  with  multiple  floors.  The 
Highwall  system  also  integrates  with 
UniCenter  eTrust  and  Wireless  Site 
Management  products  from  Computer 
Associates  —  the  latter  providing  the 
most  accurate  determination  of  physical 
location. 

Highwall  told  us  about  an  interesting  cus¬ 
tomer  success  story,  if  true:  A  Fortune  1000 
medical  company  is  said  to  be  using  the 
Highwall  system  to  monitor  10,000  wireless 
devices  spread  over  200  locations.  Given 
regulatory  compliance  requirements  and 
privacy  concerns,  keeping  track  of  autho¬ 
rized  infrastructure  and  identifying  and 
locating  rogue  systems  is  critical.  Highwall 
says  this  particular  customer  sees  about 
1 ,000  alerts  every  day 

Highwall’s  solution  is  the  most  compre¬ 
hensive  and  powerful  wireless  network¬ 
monitoring  product  we  have  seen.  Prices 
start  at  $14,000,  which  includes  one 
Sentinel,  two  Scout  Antennas  (supporting 
802.11a  and  g)  and  the  management  con¬ 
sole  software.  A  Scout  Antenna  that  sup¬ 
ports  802.1  lb  also  is  available. 

Broadcast  your  thoughts  over  the  wires  to 
gearhead@gibbs.  com. 


Top  10  Gift  Guide  insights 


Cool 

Quick  takes 
on  high-tech  toys 

By  Keith  Shaw 


On  page  36  this  week  we  present  our  fifth  annual  “Cool 
Yule  Tools”  holiday  gift  guide, showcasing  the  coolest 
high-tech  products  of  the  year. 

In  addition  to  the  17  products  listed  in  those  pages, 
we’ve  got  more  than  130  other  fine  gift-giving  ideas 
online  (www.nwfusion.com,  DocFinder:  4729).  Over 
the  past  few  months  the  Cool  Yule  Tool  elves  have 
opened,  installed,  tested,  re-tested,  played  with  and  re¬ 
packed  several  gadgets,  devices  and  other  entertaining 
products. 

We’re  exhausted,  but  we  have  come  away  with  some 
lessons  learned,  and  in  true 
Letterman  style  we  present  our 
“Top  10  Insights  from  This  Year’s 
Gift  Guide.”We’re  working  on  little 
sleep  here,  so  no  letters  please. 

10.  A  switch  is  not  a  gift.  Despite 
the  pitch  to  companies  saying  that 
it  was  a  “gift  guide,”  we  still  got 
pitched  our  share  of  routers, 
switches  and  other  networking 
equipment.  While  we  may  look  at 
some  of  these  in  the  normal  pages 
of  Cool  Tools  and/or  Network 
World ,  they  don’t  really  belong  in  a 
gift  guide. 

9.  We  get  odd  pitches.  On  the 
other  hand,  some  companies  failed 


to  realize  that  we  do  write  about  technology  We  received  a 
pitch  about  a  machine  that  paints  JPEG  images  onto  a  per¬ 
son’s  fingernails  (ImagiNail).  It  sounds  like  fun,  but  in  the 
end  we  decided  to  pass  (our  idea  of  putting  a  Bill  Gates 
photo  on  our  fingernails  didn’t  pan  out). 

8.  We  love  geek  stuff.  Sure,  there  was  excitement 
when  the  widescreen  TVs  started  showing  up  in  the 
office,  but  we  were  more  excited  about  all-in-one 
devices  such  as  the  MicroSolutions  RoadStor  and  the 
Addonics  MultiFunction  Recorder,  which  take  several 
cool  things  (such  as  a  CD  player,  DVD  player  and  mem¬ 
ory  card  reader)  and  present  them  in  one  package. 
They’re  not  much  to  look  at,  but  act  like  a  Swiss  Army 
Knife  in  terms  of  productivity. 

7.  The  PC  is  not  the  center  of  the  universe.  From  digital 
cameras  and  printers  that  don’t  need  a  PC  to  act  as  a 
middle  man,  to  network-attached  storage  devices  that 
don’t  need  an  always-on  PC,  it’s  clear 
that  many  manufacturers  are  trying 
to  avoid  relying  on  a  PC  for  their 
products  to  function.  Even  laptops 
that  can  play  DVDs  or  CDs  without 
booting  up  the  PC  operating  system 
are  joining  the  fun  of  trying  to  work 
without  Microsoft’s  help. 

6.  Robots  are  cool,  and  yet  creepy. 
You  can  do  a  lot  with  the  $100  Robo- 
sapien,  including  annoying  co-work- 
ers  by  getting  the  robot  to  dance  and 
make  noise. 

5.  Storage  size  and  dropping  prices 
continue  to  amaze  me.  Yes,  that  is 
2.2G  bytes  of  storage  in  my  pocket, 
and  1  am  happy  to  see  you. 


4.  Printer  companies  are  evil.  How 

else  can  you  explain  not  including 
a  USB  cable  for  a  USB  printer?  We 
understand  not  including  a 
cable  when  a  printer  has  dif¬ 
ferent  interface  options 
(and  you  don’t  know  what 
the  end  user  will  end  up 
connecting  with),  but 
not  including  a  USB 
cable  when  the  USB 
port  is  the  ONLY 
INTERFACE  is  just 
wrong. 

3.  Putting  goo  in  it  doesn’t  look  like 
your  ear  is  worth  much,  but  the  MicroSolutions 
it.  In  order  to  try  Road  Stor  is  a  productivity  giant 

the  Ultimate  Ears 
personal  monitors,  we  had  to  travel  to  an  ear  specialist 
who  had  to  take  an  impression  of  my  ears  in  order  to 
create  the  device.  While  the  process  was  odd,  getting 
something  that  enhances  the  digital  audio  player 
trumps  it. 

2.  Don’t  be  scared  by  little  companies.  Apple,  Sony,  IBM 
and  Samsung  might  get  all  the  headlines,  but  quality  prod¬ 
ucts  are  being  put  out  by  smaller  companies  such  as 
Archos,Kanguru,SimpleTech  and  BenQ. 

1 .  My  2004  Christmas  list:  Sweaters,  socks  and  shirts.  After 
testing  for  three  months,  I  don’t  want  to  get  anything  this 
year  with  an  on/off  switch.  We’ll  try  to  present  more  gift 
ideas  over  the  next  few  weeks  as  we  continue  our  quest  for 
the  coolest  products. 

Shaw  can  be  reached  at  kshaw@nww.com. 


Using  the  Ultimate  Ears  personal  moni¬ 
tor  requires  a  trip  to  an  ear  specialist. 
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Network  Security:  Structuring  an  Aggressive  Defense  is  for  professionals  who  have  no 
time  to  spare.  No  money  to  waste.  No  patience  with  spin.  In  a  fast-paced,  high-content, 
professional  setting  partners  provide  practical  solutions  in  context.  Answers  direct  from 
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Managed  In-Depth  Security 

Apani  Networks  is  a  leader  in 
point-to-point  security,  shielding 
"data-in  motion"  from  threats  cre¬ 
ated  by  end-user  access  from 
remote  and  private  networks.  The 
Apani  Networks  solution  provides 
strong  encryption  for  seamless 
data  communication  protection 
and  centralized  management  for 
access  control.  See  us  at 
www.apani.com 
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Fortinet  is  the  confirmed 
leader  of  the  Unified  Threat 
Management  marketspace 
and  produces  the  new  gen¬ 
eration  of  real-time  network 
protection  security  systems. 
More  than  60,000  of  the 
company’s  award-winning 
FortiGateTM  series  of  ASIC- 
accelerated  antivirus  firewalls 
are  running  at  over  2,000 
customers  worldwide. 
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Connecting  People 

Nokia  Enterprise  Solutions  offers 
a  range  of  business  optimized 
mobile  devices  and  a  robust 
portfolio  of  secure  mobile  con¬ 
nectivity  solutions  enabling 
IPSec  and  SSL  based  remotes 
access,  virtual  private  networks, 
firewalls,  and  mobile  application 
gateways.  Nokia  enables  anytime, 
anywhere,  any  device  access 
while  ensuring  the  integrity  of 
the  network. 


VeriSign,  Inc.  (NASDAQ:  VRSN) 
delivers  intelligent  infrastruc¬ 
ture  services  that  make  the 
Internet  and  telecommunica¬ 
tions  networks  more  reliable 
and  secure.  Every  day  VeriSign 
helps  thousands  of  businesses 
and  millions  of  consumers  find, 
connect,  secure,  and  transact 
with  confidence,  across  today’s 
complex  global  networks. 
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OH  TECHNOLOGY 

John  Dix 

Sizing  up  the 
great  patch 
debate 

The  three  distinct  vendor  groups  we  invited  to  partic¬ 
ipate  in  our  online  debate  “How  best  to  patch?” 
struggled  to  distinguish  themselves  in  our  forum  last 
week  (see  www.nwfusion.com,  DocFinder:  4740). 

All  but  one  argued  that  patching  is  part  of  something 
bigger.  As  could  be  expected,  Altiris  and  Configuresoft 
tried  to  convince  us  that  patching  is  part  of  the  broader 
effort  of  tending  to  systems.Tatch  management  is  simply 
the  tip  of  the  iceberg  when  it  comes  to  proper  configura¬ 
tion  management,”  Configuresoft  said. 

And  with  their  security  roots,  Symantec  and  Citadel 
told  us  we  patch  systems  because  we  are  trying  to  allevi¬ 
ate  security  concerns,  so  approaching  the  problem  from 
that  vantage  point  is  wisest.  In  Citadel’s  words:“Patch 
management  is  a  reactive  response  to  external  risks  and 
is  inadequate  because  it  only  addresses  software  defects 
which  represent  20%  to  30%  of  the  critical  system  and 
network  vulnerabilities  in  IT  environments. . . .  Enterprise 
vulnerability  management  is  a  more  proactive  and  holis¬ 
tic  approach.” 

Even  BigFix,  which  we  had  put  in  the  pure-play  patch 
bucket,  argued  that  patch  management  has  to  be  part  of  a 
grander  scheme.  It  tries  to  keep  a  foot  in  both  the  configu¬ 
ration  and  security  camps  by  saying  patching  is  part  of 
configuration  and  security  management. 

Only  Shavlik  Technologies  argued  for  the  pure-play 
approach, saying  a  singular  focus  is  necessary  because 
the  problem  is  so  difficult.“Patch  management  is  an  ardu¬ 
ous  task  and  requires  detailed  patch  analysis  and  testing 
to  ensure  networks  are  protected  from  vulnerabilities,”  it 
said.  In  an  effort  to  bolster  its  argument,  Shavlik  says  other 
vendors  —  including  Microsoft,  Symantec  and  NetlQ  — 
use  its  technology  in  their  patch  solutions. 

But  if  you  don’t  need  other  pieces  to  fill  in  the  patch 
puzzle,  why  would  you  buy  a  patching  tool  from  these 
other  vendors  instead  of  directly  from  Shavlik? 

All  this  talk  of  management,  of  course,  raises  the  ques¬ 
tion  of  how  the  big  enterprise  management  vendors  fit  in. 

When  we  opened  the  debate  to  the  public  on  Wed¬ 
nesday  (up  to  that  point  it  was  a  private  debate  among 
the  vendors,  our  staff  and  guest  expert  Felicia  Nicastro, 
from  International  Network  Services),  management 
heavyweight  Computer  Associates  waded  in.CA  views 
patching  as  part  of  vulnerability  management  and  offers 
an  appliance  and  a  service  to  cover  the  bases. 

While  there  was  no  clear  winner  in  the  debate,  it’s  hard 
to  walk  away  without  viewing  patching  as  simply  part  of 
something  else.  Whether  it  is  best  built  into  configuration 
or  security  management  probably  depends  on  the  nature 
of  your  business. 

—  John  Dix 
Editor  in  chief 
jdix@nww.com 
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opinions 


Security  through  obscurity 

Regarding  Mark  Gibbs’  BackSpin  column  “Inter¬ 
estingly  disturbing”  (www.nwfusion.com,  Doc- 
Finder:  4724):  I  have  been  in  the  computer  business 
for  35  years  and  one  of  the  first  things  I  learned  was 
that  security  based  on  ignorance  never  lasts.  1  don’t 
see  that  this  axiom  has  changed  much  over  the 
years.  If  there  is  a  problem,  fix  it  and  fix  it  fast.  Maybe 
the  problem  is  the  systems  management  that  failed 
to  apply  the  security  patches  as  soon  as  possi¬ 
ble  rather  than  when  it  was  convenient. 

Richard  Smart 
Vice  president,  consulting  services 
TMC  Systems  International 
Norbeck,  Md. 

DSL  dilemma 

Regarding  Kevin  Tolly’s  column  “DSL  hell  redux” 
(DocFinder:  4725):  My  DSL  experience  involved  a 
major  voice  and  DSL  service  provider  in  Southern 
Maine.  1  live  out  in  the  sticks,  so  I  was  fairly  sure  1 
would  not  have  access  to  DSL.  Lo  and  behold,  the 
service  provider’s  Web  site  informed  me  DSL  was  in 
fact  available  for  my  phone  number  and  address. 
The  online  ordering  process  was  quick  and  easy, and 
follow-up  e-mails  showed  up  almost  immediately  to 
confirm  my  order,  the  expected  activation  date,  as 
well  as  shipping  status  for  the  equipment  and  install 
kit.  It  sounded  too  easy  and  too  good  to  be  true  — 
and  it  was. 

On  the  Saturday  following  the  activation  date,  I 
unboxed  the  gear  and  instructions  and  set  to  work 
to  get  my  DSL  line  up  and  going.Three  hours  into  the 
process,  1  called  customer  support  for  some  assis¬ 
tance.  After  a  lengthy  time  on  hold, I  was  told  that  the 

E-mail  letters  to  jdix@nww.com  or  send  them  to  John  Dix,  editor  in 
chief.  Network  World,  1 18  Turnpike  Road.  Southborough,  MA  01 772. 
Please  include  phone  number  and  address  for  verification. 


problem  concerned  a  run  of  fiber-optic  cable  that 
was  somewhere  along  the  path  to  my  house,  but  not 
to  worry  —  they  would  dispatch  a  tech  to  replace 
the  fiber  run  with  twisted-pair  copper.That  made  me 
highly  suspicious.  Replace  the  fiber  with  copper? 
Sounded  like  backward  evolution. 

Well,  after  two  revised  (and  missed)  activation 
dates,  I  called  to  see  what  the  story  was, only  to  be  in¬ 
formed  that  my  order  had  been  canceled  the  previ¬ 
ous  week.  No  one  had  called  or  e-mailed  to  notify 
me  of  this.  And  now  —  five  or  six  weeks  into  the  pro¬ 
cess,  with  money  already  charged  to  my  credit  card 
for  equipment  and  many  hours  of  my  own  time 
invested  in  attempting  setup,  troubleshooting  and 
waiting  on  hold  for  customer  service  —  I  was  out  of 
luck.  And  not  happy 

Of  course,  the  equipment  was  returned  and  my 
payment  for  it  was  credited  back.  But  the  service 
provider  would  offer  nothing  to  compensate  for  the 
time  spent  and  frustration  of  the  process  —  al¬ 
though  it  was  clearly  because  of  their  error  in  telling 
me  I  was  eligible  for  DSL  service  to  begin  with. The 
explanation  was  that  their  DSL  unit  and  the  voice 
side  were  really  not  the  same  company,  so  they 
could  not  credit  my  phone  bill. 

As  luck  would  have  it,  a  cable  company  van 
showed  up  in  my  driveway  several  weeks  later  to 
install  a  run  of  cable  to  my  house.  Seems  they  had 
budgeted  to  reach  every  household  in  the  area  in 
2004.  Great  news  for  me,  as  my  house  is  about  1,000 
feet  back  from  the  road  on  a  private  drive  —  cer¬ 
tainly  not  part  of  the  standard  installation  normally 
provided  for  free  by  the  cable  company.  I  had  always 
ruled  out  cable  based  on  cost  to  have  it  installed 
(once  estimated  by  a  previous  provider  at  $3  per 
foot  to  reach  my  house). 

So  today  1  am  happily  cruising  the  ’Net  and  sharing 
large  files  at  high  speed  via  cable.  Hello  cable,  good¬ 
bye  DSL  hell. 

John  Sheedy 
Berwick,  Maine 


More  online!  www.nwfusion.com  Find  out  what  readers  are  saying  about  these  and  other  topics.  DocFinder:  4723 
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TOTALLY  UNPLUGGED 

Ira  Brodsky 


Wireless  innovation  or  intimidation? 


he  ingenuity  of  wireless  LAN  vendors 
has  paid  off.  Once  relegated  to  niche 
industrial  applications,  WLANs  have 
gained  a  foothold  in  corporate  offices  and 
taken  the  consumer  market  by  storm.  With 
huge  markets  for  Wi-Fi  in  voice  and  home 
entertainment  applications  looming,  the 
biggest  growth  still  could  lie  ahead. 

Apparently  that  makes  some  vendors  nervous.  In  a  recent  press 
release,  the  Wi-Fi  Alliance  issued  a  warning:  Products  that  jump  the  gun 
on  the  future  IEEE  802.1  In  standard  will  not  be  Wi-Fi-certified. 
Furthermore,  any  product  incorporating  so-called  “pre-n”  enhance¬ 
ments  could  be  decertified  “if  that  product  is  proven  to  adversely 
impact  the  interoperability  of  other  Wi-Fi-certified  products.” 

At  issue  is  a  momentous  advance, central  to  every  802.1  In  proposal, 
known  as  Multiple  Input/Multiple  Output  Orthogonal  Frequency 
Division  Multiplexing  (MIMO-OFDM).  Using  multiple  transmitters, 
receivers  and  antennas,  MIMO-OFDM  exploits  the  “multipath”  signals 
that  normally  plague  wireless  systems.  When  used  at  both  ends  of  a 
link,  MIMO-OFDM  delivers  profound  throughput  and  range  improve¬ 
ments.  Added  to  today’s  Wi-Fi  networks,  products  incorporating  MIMO- 
OFDM  can  fall  back  to  a  smart  antenna  mode  that  enhances  perfor¬ 
mance  of  existing  802.1  la/b/g  products. 

The  Wi-Fi  Alliance  insinuates  that  some  vendors  are  misrepresenting 
products  as  conforming  to  a  standard  that  probably  won’t  be  finalized 
until  2006.  That’s  a  red  herring.  The  real  problem  is  that  products  con¬ 
forming  to  the  802.1  In  standard  won’t  appear  until  2007,  but  products 


offering  the  advantages  of  802.1  In  technology  are  available  now. 

The  Wi-Fi  Alliance  also  warns  against  pre-n  enhancements  that  inter¬ 
fere  with  existing  certified  products.That’s  another  red  herring.The  mar¬ 
ket  is  brimming  with  products  that  offer  proprietary  but  well-behaved 
enhancements  to  the  802.1  la/b/g  standards.  Far  from  disrupting  cur¬ 
rent  Wi-Fi  products,  MIMO-OFDM  products  offered  by  vendors  such  as 
Belkin  and  SOHOware  are  Wi-Fi-certified  and  boost  performance  when 
used  with  802.1  la/b/g  products. 

A  few  years  ago,  the  WLAN  industry  had  a  similar  experience  with  the 
IEEE  802. 1  lg  standard  .Vendors  that  introduced  pre-G  products  wrested 
market  share  away  from  the  market  leaders.  Customers  with  an  urgent 
need  for  enhancements  destined  for  the  802.1  lg  standard  were  willing 
to  buy  pre-standard  products  to  take  immediate  advantage  of  those 
enhancements. 

Some  leading  vendors  are  worried  the  pre-n  products  spilling  onto 
the  market  could  reshuffle  the  market  share  deck. Their  fears  are  well 
founded.  But  it  would  be  unfair  to  make  users  wait  three  years  just  so 
slower-footed  vendors  can  catch  up. 

Until  now,  the  Wi-Fi  Alliance  has  served  both  the  industry  and  end 
users  well  by  promoting  and  protecting  interoperability  But  the 
alliance  must  be  careful  not  to  confuse  special  interests  with  common 
interests.  It’s  just  as  important  to  protect  vendors’  right  to  innovate. 
Standards  help  grow  the  market  to  the  next  level, but  innovations  like 
MIMO-OFDM  get  the  ball  rolling. 

Brodsky  is  president  of  Datacomm  Research  in  St.  Louis.  He  can  be 
reached  at  ibrodsky@datacommresearch.  com. 
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0W  SECURITY 

Winn  Schwartau 


We  are  not  divided 


Despite  the  recent  political  results,  we  are 
not  a  divided  nation. This  is  not  a  politi¬ 
cal  commentary  but  one  of  common 
interest  to  all  of  us  in  this  country,  not  to  men¬ 
tion  the  rest  of  the  world.  We  certainly  have 
more  in  common  than  we  have  differences. 


In  all  of  my  years  in  information  warfare,  hanging  out  with  feds,  the 
military  and  all  sorts  of  people  in  between,  we  have  hardly  ever  dis¬ 
cussed  politics.  It  didn’t  matter;  we  had  a  job  to  do.  I  still  do  not  know 
the  political  leanings  of  my  professional  friends  and  colleagues  —  and 
I  prefer  to  keep  that  sort  of  non-productive  divisiveness  out  of  my  secu¬ 
rity  mindset.  Because,  ultimately,  we  are  united,  not  divided. 

We  need  each  other  to  survive.  We  need  to  think  and  act  like  partners 
and  competitors  at  the  same  time  by  achieving  a  healthy  symbiotic  bal¬ 
ance  between  the  two  roles.  Impossible  you  say?  Au  contraire.mon  ami! 

The  most  striking  example  of  competitive  partnerships  might  be  seen 
in  the  nation’s  Information  Sharing  and  Analysis  Centers  (ISAC),  cre¬ 
ated  by  former  President  Clinton’s  Presidential  Decision  Directive  63. As 
successfully  demonstrated  in  the  financial  services  ISAC,  competing 
banks  and  insurance  companies  realize  that  cooperation  in  the  areas 
of  security  and  infrastructure  protection  is  necessary  for  the  common 
good.  No  one  person,  company  or  country  lives  in  electronic  isolation. 
A  major  security  event  at  one  bank  is  a  sure  prelude  to  other  banks 
experiencing  similar  pain. 

Changes  in  security  are  occurring  inside  many  top  corporations. 
Traditional  stovepiping  of  security  functions  is  only  a  hindrance. 
Cybersecurity  requires  physical  security  both  of  which  require  trusted 
personnel  to  make  it  all  work.  Security  departments  must  integrate  their 
operations  more  than  they  ever  have.  The  business-continuity  folks 
need  the  cybergeeks  and  the  man  who  fills  the  back-up  generators 
with  oil.  The  last  holdout  here,  though,  is  human  resources,  which 
prefers  absolute  hegemony  over  cooperation.  The  only  way  this  will 
change  is  for  senior  management  to  tell  HR  that  they  have  to  play  nice 


with  others  —  even  if  that  means  being  occasionally  politically  incor¬ 
rect  in  the  pursuit  of  greater  corporate  security  and  integrity 

So  despite  the  endless  portrayals  of  embittered  foes  in  politics  and 
business,  we  are  not  divided.  Despite  our  healthy  disagreements  on 
details,  we  are  in  agreement  about  the  goals  of  computer  security. 

We  agree  that  protecting  the  critical  infrastructures  is  in  the  best  inter¬ 
est  of  the  U.S.  and  the  stability  of  the  world  because  we  are  all  so  inter- 
connected.We  all  need  to  be  reasonably  healthy  for  any  one  company 
or  country  to  succeed.  We  agree  that  personal  privacy  is  more  impor¬ 
tant  than  our  government  treats  it  and  would  like  to  strengthen  it  when 
and  where  we  can.  We  agree  that  the  bad  guys  are  really  really  bad  and 
they  operate  asymmetrically  with  little  regard  for  consequence. 

These  thoughts  form  a  platform  that  suggests  methods  for  expanding 
and  exploiting  the  opportunities  competitive  partnerships  offer: 

•  Create  tax  incentives  for  organizations  that  can  demonstrate  a 
strong  investment  in  security  tools  and  personnel. 

•  Make  security  issues  an  educational  component  from  the  earliest 
school  years. We  tend  to  teach  our  children  how  to  use  computers,  but 
not  why  or  why  not  to  do  certain  things. 

•  Educate  America  and  the  world. There  is  plenty  of  precedence  for 
this.  Think  “Unsafe  at  Any  Speed.” “Only  You  Can  Prevent  Forest  Fires.” 
“Just  Say  No.”“Smoking  Kills.” All  successful  public  education  programs. 
Protecting  our  nation’s  economic  and  technological  well-being  doesn’t 
even  have  an  advertising  tag  line.  Shame  on  us. 

So  let  us  in  the  security  community  remain  undivided  and  focus  on 
the  benefits  we  share  and  our  common  (and  competitive)  interests.  In 
the  grand  scheme, political  infighting  is  an  aside,  better  left  to  the  politi¬ 
cians.  Computer  security  and  protecting  critical  infrastructures  are  bet¬ 
ter  left  to  us. 

Schwartau  is  president  of  Interpact,  a  security  awareness  consulting 
firm,  and  author  of  several  books,  including  the  recent  Pearl  Harbor  Dot 
Com.  He  can  be  reached  at  winn@thesecurityawarenesscompany.com. 


Computer  secur¬ 
ity  and  protect¬ 
ing  critical  infra¬ 
structure  is  bet¬ 
ter  left  to  us. 


_ ADVERTISEMENT _ 

Your  Newest  Enemy:  Unprotected  Endpoints 

Pass  CTO  Roy  Albert  talks  about  achieving  gap-free  protection 
for  your  enterprise  network. 


A  dramatic  shift  is 
on  the  way  for 
IT  organizations, 
according  to  Roy 
Albert,  chief  tech¬ 
nology  officer  at 
iPass.  While  much 
has  been  made  of 
the  need  to  pro¬ 
tect  the  edge  of 
the  network,  Albert 
believes  IT  organ¬ 
izations  should  place  more  focus  on  the  rapid 
proliferation  of  unprotected  devices  hooking 
onto  the  network  and  the  inherent  security 
risks  of  having  mission-critical  data  on  those 
devices.  Albert  says  IT  managers  should 
immediately  address  this  issue — what  he 
sees  as  an  unacceptable  gap  in  enterprise 
security — before  corporations  possibly  suffer 
the  competitive,  financial,  and  legal  conse¬ 
quences  of  having  that  data  stolen.  Here  he 
outlines  the  threat  and  how  IT  managers  can 
protect  themselves. 

Why  do  you  see  remote  and  mobile  devices 
as  a  severe  network  threat? 

There  was  a  point  last  year  when  security 
cropped  up  in  all  our  customer  conversations. 
IT  managers  were  asking:  How  do  I  stop 
viruses  from  coming  in  and  affecting  my  entire 
network?  We  discovered  that  while  most  ven¬ 
dors  have  made  a  big  deal  about  protecting 
the  edge  of  the  enterprise  network,  there's 
another  strategic  inflection  point  that  is  com¬ 
ing — the  devices  themselves.  IT  managers 
don’t  yet  pursue  the  security  of  those  devices 
as  if  their  jobs  depended  on  it.  Yet  those 
devices  [especially  those  carried  by  senior 
executives]  have  mission-critical  data  on  them 
which  needs  to  be  protected. 

In  terms  of  sensitive  documents  and  financials? 

People  have  e-mails  and  financial  documents 
and  confidential  customer  information  that 
lives  on  laptops  and  handhelds — and  many  of 
these  people  travel  extensively.  If  those 
devices  are  compromised  and  critical  informa¬ 
tion  is  stolen,  the  company  may  have  just 
allowed  information  to  leak  to  a  competitor,  or 
may  have  violated  customer  data  privacy. 
Mobile  devices  are  becoming  easier  to  lose  as 
they  become  smaller  and  more  portable.  IT 
groups  have  to  take  responsible  precautions 
to  protect  those  mobile  devices. 

Enterprises  as  a  whole  are  becoming  mobi¬ 
lized — resources  that  used  to  be  centralized 
are  moving  out  to  mobile  devices;  so  you  have 
to  think  about  your  security  in  terms  of  the 
extended  enterprise.  Devices  need  to  be  pro¬ 
tected  in  their  own  right.  Additionally,  users 
don’t  always  connect  to  the  enterprise  every 


time  they  log  on  to  the  Internet.  Therefore,  in 
order  to  achieve  gap-free  protection,  IT  man¬ 
agers  need  to  focus  on  the  defense  of  mobile 
and  remote  devices  anytime  they  are  connect¬ 
ed  to  the  Internet. 

What  are  the  biggest  concerns  in  supporting 
and  protecting  remote  and  mobile  devices? 

The  first  is  protecting  the  information  on  users’ 
machines,  because  that  is  part  of  the  intellec¬ 
tual  property  of  the  corporation.  The  second 
big  concern  is  ease  of  use.  IT  departments  are 
besieged  by  trouble  calls  when  the  users  are 
blocked  [from  the  network].  We  have  seen 
recent  instances  where  IT  managers  have  sac¬ 
rificed  security  for  ease  of  use  and  have  gotten 
into  trouble  later.  So  the  real  challenge  is  to 
implement  security  so  that  it  doesn’t  interfere 
with  the  end-user  experience. 


ARE  YOUR  IT  ASSETS  SECURE? 

Follow  these  steps  for  gap-free  protection. 

User  Identity — Make  sure  user  credentials  for 
Internet  and  VPN  access  are  protected  as  they 
transit  local  access  providers  and  the  Internet. 

Endpoint  Integrity — Perform  assessment  and 
remediation  on  all  mobile  and  handheld  devices 
connecting  to  the  Internet  from  outside  the  firewall. 

Enterprise  Network — Put  in  place  a  mechanism 
that  lets  you  deny  untrusted  users  and  endpoints 
access  to  network  assets. 

Device  Identity — Only  let  trusted  devices  have  full 
access  to  your  enterprise. 

Session  Data — Limit  the  ability  of  users  to  commu¬ 
nicate  from  insecure  sites  without  a  VPN  in  place 
to  avoid  data  or  identity  theft. 


What  about  regulatory  issues?  What  role  do 
they  play  in  securing  the  devices  in  the  extend¬ 
ed  enterprise? 

I  think  we’re  going  to  see  more  legislation — 
already  there’s  HIPAA  in  the  U.S.,  among  oth¬ 
ers — and  we’re  going  to  see  more  inadvertent 
disclosures.  Perfect  security  is  cost-prohibitive, 
but  the  IT  department  is  obligated  to  do  a  rea¬ 
sonable  job  of  protecting  devices.  The  unfortu¬ 
nate  truth  is  that  many  IT  departments  don’t 
have  a  clear  idea  of  what  their  risk  exposure  is 
from  remote  and  mobile  devices. 

What  are  some  of  the  ways  IT  managers  can 
address  device  security? 

Deployment  of  personal  firewalls,  anti-virus 
software  and  VPNs  in  a  thoughtful  way  is  key. 
Deployment  of  assessment  and  remediation 
and  patch  management  to  ensure  these  securi¬ 


ty  products  are  kept  up  to  date  is  also  very 
important.  The  IT  manager  needs  to  understand 
what  he  has  to  do  to  protect  his  devices  and 
needs  to  understand  the  behavior  of  his  users. 
He  needs  to  understand  how  often  his  users 
are  accessing  the  Internet  in  the  absence  of  a 
VPN  and  what  kinds  of  networks  they’re  con¬ 
necting  to — such  as  wireless  or  shared  broad¬ 
band.  And  he  needs  to  know  what  kinds  of 
attacks  are  happening  and  how  to  protect 
against  those. 

It’s  important  to  note:  VPNs  protect  the  data 
moving  between  the  laptop  and  the  enter¬ 
prise — they  don’t  protect  the  laptop  itself  from 
being  compromised.  They  don’t  address  whether 
the  user  credentials  used  to  get  on  to  the  device 
were  administered  properly  and  they  also  don’t 
protect  the  enterprise  network,  which  can  be 
infected  by  viruses  transmitted  by  mobile 
devices  connecting  through  a  VPN  tunnel. 

How  can  IT  managers  install  and  maintain 
security  procedures  on  devices? 

Put  in  an  automated  patch  management  sys¬ 
tem  that  addresses  the  specific  challenges  of 
a  mobile  environment:  whether,  for  example, 
the  client  polls  for  updates  or  a  server  pushes 
them  to  users  who  are  only  occasionally 
online;  whether  the  system  has  the  ability  to 
trickle  updates  over  a  low-bandwidth  connec¬ 
tions;  or  whether  you  provide  the  ability  to 
resume  updates  after  a  connection  has  been 
lost.  A  patch  management  system  will  auto¬ 
matically  determine  what  patches  are  available, 
assess  the  devices  and  report  back  to  the  IT 
manager.  The  process  needs  to  be  automated 
because  IT  departments  can’t  spend  their  lives 
looking  for  patches  and  getting  them  to  the 
machine  on  a  timely  basis. 

Also,  to  protect  against  untrusted  devices, 
consider  some  of  the  emerging  device  authen¬ 
tication  approaches,  such  as  iPass’  DevicelD 
service.  It  lets  you  reliably  identify  the  device 
as  a  trusted  corporate  asset  and  assign  rights, 
or  block  access,  accordingly. 

GET  TRUE  GAP-FREE  PROTECTION 
BY  SECURING  YOUR  ENDPOINTS 

Download  the  iPass  Policy  Orchestration 
White  Paper  to  Learn  How 
to  Shore  Up  Your  Network. 
www.ipass.com/policyorchestration 
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Trusted  connections. 

No  compromises. 


©2004  iPass  Inc.  All  Rights  Reserved. 

iPass  and  the  IPass  logo  are  registered  trademarks  of  iPass  Inc. 


FOR  SECURITY  REASONS, 
WE’RE  RESTRICTING 
THE  MOVEMENTS  OF 
YOUR  MOBILE  USERS. 


Policy-managed  connectivity 
that  doesn’t  limit  how 
or  where  they  work. 

Now,  everywhere  is  There. 


Can  you  guard  your  corporate  network 
without  grounding  your  mobile  workforce? 
With  iPass,  they’re  good  to  go.  Ike  iPass 
Endpoint  Policy  Management  service  makes 
sure  users  are  updated  with  the  right  security 
measures  before  they  log  on,  automatically 
finding  and  fixing  problems  on  the  fly.  So 
you  can  stop  worrying,  and  your  workers  can 
keep  working — everylhere  they  go. 

&3004  iPoss  Inc.  All  Rights  Reserved. 

iPass  ond  the  iPass  logo  are  registered  trademarks  of  iPass  Inc. 


Get  the  iPass  Security 
Best  Practices  Guide. 

www.  iPassIsThere.  com 


m 

iPass 

Enterprise  Connectivity  Services 


Si  9a  ^Keltk  Skouuj 


ot  only  do  the  holidays  mean  things  like  mistletoe, 
parties  and  the  inevitable  trip  to  the  shopping  mall 
(or  online  shopping  mall),  but  they  also  mark  the 
start  of  awards  season.  The  movie  industry  holds 
the  Academy  Awards,  the  music  industry  holds  the 
Grammy  Awards,  and  this  year  Network  World  presents  the  Globeys 
—  as  in  snow  globe  awards  —  for  the  coolest  gifts  for  the  holidays. 
After  testing  more  than  130  high-tech  products  and  toys,  we  are 


proud  to  present  the  fifth  annual  Network  World  holiday  gift  guide.  If 
you  are  too  tired  from  your  year  of  keeping  the  bad  guys  out  of  the 
network,  or  too  busy  connecting  and  maintaining  and  upgrading  your 
network  to  figure  out  the  coolest  gifts  to  buy  for  friends,  relatives  or 
co-workers  (or  if  you  need  to  fill  out  your  own  list),  we’re  here  to 
help. 

The  best  part  about  the  Globeys?  No  Joan  Rivers.  So  let’s  go  to  this 
year’s  awards  and  start  ripping  open  some  envelopes . . . 
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oe&t  momto^  to  kefyx  ^ou  mjudtotafck: 

WINNER:  Samsung  173MW.  This  outstanding  17-inch  LCD  monitor  has  so  many 
different  inputs,  you  should  be  able  to  connect  any  type  of  video  device  to  it.  At  one  point  we  had 
our  cable  TV  (via  TV  tuner  input),  desktop  computer  (with  digital  video  input)  and  an  Xbox  game 
console  connected  to  the  monitor,  and  we  still  had  ports  left  Over  to  try  to  connect  a  DVD  player 
(or  other  component  video  device)  and  a  second  desktop  computer  (via  the  RGB  input);. 

Add  to  that  built-in  speakers,  a  great-looking  display  and  a  remote  control  that  lets  you  .perform 
several  picture-in-picture  options,  and  you  get  a  monitor  that  does  more  thansit  there  projecting 
a  video  image.  .  .  . ' .  V 

TLCH  SPECS:  Display  features  include  a  500-to-1  contrast  ratio,  a  0.289mm  pixet  pitch,  sup-, 
port  for  1.280  by  768  maximum  resolution,  a  140-degree  horizontal  viewing  angle  andliO ver¬ 
tical  viewing  angle.  About  S500.  ' 


oeAL  4|xacg,-<xoueA:  | 

WINNER:  mpc  clientpro  am  all-in-one. The  first  thing  you  or  your 
friends  might  say  when  opening  the  box  is  "Where's  the  computer?"  Everything  is  connect¬ 
ed  to  the  monitor,  including  the  CPU,  memory,  motherboard,  two  optical  drives  and  all  of  your 
inputs  (such  as  USB,  IEEE  1394  and  other  ports).  MPC  sells  15-,  17-  and  19-inch  varieties, 
and  it  comes  with  a  wireless  keyboard  and  mouse  to  eliminate  even  more  cables  and  con¬ 
nections. 

TECH  SPECS:  Intel  Pentium  4  processor  (3.2  GHz),  up  to  2G  bytes  of  RAM,  150G-byte  hard 
drive,  six  USB  ports  (two  on  the  side,  four  in  the  back),  Gigabit  Ethernet  port,  optional  TV 
tuner  card,  printer  port,  serial  port  and  built-in  802.11g  WLAN  (eliminating  even  the  Ethernet 
cable).  About  S2.000. 


WINNER  (TIE):  averatec  6200  notebook  and  Toshiba's  qosmio  notebooks.  Granted,  these  systems  still  have  a 
Microsoft  operating  system  on  them,  but  what  we  love  about  these  notebooks  is  that  if  you  want  to  watch  a  DVD  or  play  a  CD,  you  don’t  have  to  boot  up  the  sys¬ 
tem.  This  little  jab  at  Bill  Gates  makes  us  slightly  giddy. 

These  two  notebooks  also  are  not  meant  for  mobile  computing,  but  are  more  like  systems  you  can  throw  into  a  living  room.  Multimedia  features  and  large  screens 
make  these  more  appropriate  for  something  like  a  dorm  room  than  sitting  in  a  travel  bag.  Last  year,  thin  was  in.  This  year  it’s  all  about  the  screen  size,  baby. 

OTHER  SPECS:  Averatec:  AMD  Athlon  XP-M  2400+  processor,  512M-bytes  of  RAM,  60G-byte  hard  drive  and  802.11g  wireless  LAN.  About  81,300.  Qosmio:  Intel 
Pentium  M  735  processor  (1.7  GHz),  802.11g  and  Bluetooth,  80G-byte  hard  drive,  512M  bytes  of  RAM,  four  USB  2.0  ports,  IEEE  1394  port,  and  media  adapter  slots 
(Secure  Digital,  Memory  Stick,  xD).  About  $2,700. 
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De&t  monitor  cabta 

WIMMER:  sony  sdm-p23a  flat  panel 

LCD  monitor.  We  could  talk  about  the  LCD  monitor's  wide 
screen  (23  inches),  multiple  video  inputs  (two  analog,  one  DVI-D), 
native  resolution  (1,920  by  1,200),  brightness  (250  nits)  and  contrast 
ratio  (500:1),  but  what  really  floors  us  is  the  monitor's  cable  manage¬ 
ment  system.  We  have  tried  several  flat  panel  monitors,  and  hiding  the 
cables  becomes  a  chore  that  makes  it  not  worth  the  effort.  With  the 
SDM-P234,  the  back  slides  up  to  reveal  input  locations  for  the  differ¬ 
ent  video  connections,  and  then  uses  easy-to-open  clasps  that  keep  the 
cables  in  place  once  you  connect  them,  Hiding  the  cables  for  a  clean 
look  has  never  been  easier,  The  wide  screen  gives  the  multitaskers  on 
your  staff  the  ability  to  keep  lots  of  windows  open  while  they  are  work¬ 
ing,  instead  of  having  them  ALT-Tab  all  over  the  place.  Get  this  for  your 
highly  motivated  staff  members  or  just  splurge  this  holiday  season  and 
hook  this  up  to  your  new  kick-ass  gaming  PC.  About  $2,000. 
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WINNER:  epson  picturemate  personal  photo  lab 

(left,  $200)  and  photopc  l-aio  (above,  $200).  One  problem  with  printing 
your  digital  photos  at  home  is  they  often  look  iike  you  printed  them  at  home.  Epson 
marries  the  convenience  of  home  photo  printing  with  the  professional  quality  of  a  lab 
with  its  PictureMate  Personal  Photo  Lab.  Just  over  6  inches  high  and  10  inches  wide, 
the  PictureMate  packs  a  lot  in  a  little  package  —  without  the  use  of  a  computer,  Rug 
PictureMate  into  the  wall,  load  the  printer  with  4x6  glossy  photo  paper  and  turn  on 
the  unit  Slip  your  memory  card  (it  supports  ail  the  mqjor  cards)  into  the  slot  and 
PictureMate  reads  the  card  and  offers  to  print  up  a  contact  sheet  of  the  photos  on 
your  card.  Once  the  contact  sheet  prints,  choose  the  photos  you  want  and  hit  print. 
Or  connect  to  a  PC  or  Macintosh  via  USB  cable  (you  have  to  buy  your  own)  and  print 
out  photos  that  have  been  edited.  Take  the  inkjet  printer  you've  been  using  to  print 
photos  and  throw  it  away  (or  just  use  it  for  e-mails). 

The  L-4io  digital  camera  is  a  4-megapixel  digital  camera  with  great 
photo-taking  abilities  at  a  great  price.  We  took  hundreds  of  quality  photos  consis¬ 
tently,  with  the  help  of  auto-focus,  macro  mode  and  red-eye  reduction  features. 
The  camera  can  print  directly  to  a  supported  printer  via  USB  connection,  or  take 
the  Secure  Digital  card  out  of  the  camera  and  insert  it  into  the  PictureMate  to 
print  from  that. 
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WINNER:  monstergecko  pistolmoose  fps.  Don't  throw  this  gun¬ 
shaped  mouse  into  a  laptop  bag  if  you're  going  through  security.  But  if  you  bring  this  home  and  con¬ 
nect  it  to  your  desktop  computer,  you  will  love  playing  first-person  shooter  games  with  this  mouse 
instead  of  a  regular  mouse,  giving  you  the  feel  of  actually  shooting  a  gun.  Just  don't  bring  it  to  the 
bank  or  the  Quickie  Mart.  About  $70. 
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rvuJUAe:  WINNER:  benq  M3io  wireless  mini  optical  mouse  (above,  left).  Our  favorite  feature  on 
this  miniature  mouse  is  the  compartment  inside  the  mouse  that  stores  the  wireless  USB  connector.  When  you're  done  with  it,  there’s  no  worrying  about  two  com¬ 
ponents,  and  there’s  no  cord  that  you  need  to  wrap  up.  The  mouse  runs  on  two  AA  batteries,  and  has  a  range  of  about  4  feet,  large  enough  to  work  around  a 
hotel  desktop.  About  $40. 

^Be^t  cU&klofx  mo uAe-:  WINNER:  Logitech  mxiooo  laser  mouse  (left).  Throw  out  your  mouse  pad! 

The  cordless  MXIOOO  uses  laser  technology  to  accurately  scan  positional  data  on  almost  any  surface,  including  glossy  style  surfaces  (such  as  a  metal 
filing  cabinet).  The  mouse  includes  a  base  station  (which  connects  to  your  computer)  that  also  acts  as  a  recharger  for  the  battery  inside  the  mouse. 

The  mouse  is  extremely  comfortable  and  has  additional  buttons  that  let  you  multitask,  scroll  or  go  forward  or  back  when  Web  surfing.  About  $50. 


WINNER:  ultimate  ears.  If  you  want  to  feel  like  a  rock 
star  (without  the  nasty  consequences),  check  out  these  earphones  (oops, 
personal  monitors).  Ultimate  Ears  personal  monitors  are  molded  to  the 
shape  of  your  ears  and  provide  a  perfect  fit  for  listening  to  your  iPod  or 
other  music  player  (anything  with  a  2.5mm  headphone  jack). 

Because  they  fit  perfectly  in  your  ears  (and  your  ears  only),  there  is  no 
outside  noise  interference.  This  makes  listening  to  music  more  enjoyable  on  an  airplane  (you  don't 
have  to  turn  up  your  music  player  as  high  to  drown  out  the  engines).  As  a  bonus,  these  act  iike  a 
noise  canceller,  so  if  you  don’t  want  to  chat  it  up  with  that  bike  tire  salesman  from  Des  Moines,  you 
can  just  pop  these  in.  Because  these  are  custom-fitted,  the  Ultimate  Ears  come  with  a  hefty  price 
tag,  ranging  from  $500  up  to  $900.  But  once  you  try  them,  you'H  never  go  back  to  foam  fitted  head 
phones  again,  so  it  will  probably  be  the  last  set  of  earphones  (personal  monitors)  that  yon  ever  buy. 
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IBe^t  way  to  dike,  a  juiuc-’c 
WINNER:  hp  printable  tattoos.  The  HP  iPod  differs  very  little  from  Apple's 
iPod  for  the  PC,  with  one  exception:  stickers.  Or,  as  HP  calls  them,  “printable  tattoos."  While  the 
Apple  iPod  is  as  white  as  a  hospital  ward,  HP  provides  the  iPod  user  with  free,  colorful  and  down¬ 
loadable  skins  that  you  can  print  at  home  (on  an  HP  printer,  of  course)  and  stick  them  onto  your 
iPod.  HP  offers  a  library  of  tattoos  that  feature  themes  (such  as  candy  canes),  music  artists  and 
other  designs.  If  you  don't  see  what  you  like,  you  can  design  your  own.  It  made  us  fee!  like  a  12- 
year-old  again,  but  hey,  isn’t  that  what  the  holidays  are  about?  About  $299  for  the  iPod,  $  15  for 
10  sheets  of  tattoo  paper. 
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ALIENWARE 
AURORA  DESKTOP  GAMING  PC 

You  could  take  that  desktop  system  that 
you  use  to  edit  spreadsheets  or  do  the 
home  budget  on  arid  make  it  available  for 
computer  games,  but  you  wouldn't  get 
the  same  experience  as  you  do  with  an 
Alienware  system.  These  systems  are 
meant  for  computer  games  first  and 
foremost  and  have  the  latest  processor 
technology,  graphics  cards  and  sound 
cards  to  exploit  those  games.  We  installed 
Doom  3  on  our  test  system  and  couldn't 
believe  our  eyes  or  ears  about  how  well 
this  played. 

The  systems  are  large  (about  2.5-feet 
high)  and  loud,  but  your  kids  wi  think 
you're  the  coolest  parent  on  the  block, 
Systems  start  at  $1,000. 


WINNER:  robosapien.  Among  the  features  of  this  remote-controlled  robot  is  a  room 
security/motion  detection  system.  When  motion  is  detected,  the  robot  can  squeak  and  squawk  (or 
even  dance).  Other  features  include  the  ability  to  walk,  pick  up  objects  and  make  lots  of  different 
noises  (this  robot  has  attitude).  For  the  really  inspired,  you  can  program  the  robot  to  do  a  variety 
commands  in  succession.  Most  of  our  testers  were  freaked  out  by  the  robot,  but  it’s  a  fun  toy  and 
worth  the  price.  About  $90. 
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WINNER:  tritton  technologies  wireless 

nas.  This  box  adds  a  wireless  LAN  access  point  to  a  network- 
attached  storage  system,  letting  you  access  files  wirelessly  without 
having  to  go  through  a  regular  router  or  switch.  You  can  also  attach 
an  Ethernet  cable  from  this  box  to  an  existing  network  and  provide 
wired  or  wireless  access  to  the  files.  And  if  your  network  doesn't  yet 
have  a  wireless  component,  the  box  doubles  as  a  WLAN  access  point 
(802.11b  or  g)  to  give  network  access  to  wireless  clients.  The  sys¬ 
tem  includes  either  120G  or  200G  bytes  of  storage  capacities,  more 
than  enough  to  store  your  CO  and  photo  collection.  About  $500  for 
the  200G  byte  version.  m 


WINNER:  kanguru  zipper  2.2G-byte  hard 
drive.  Hard  drives  that  fit  onto  a  keychain  are  so  2002.  The  latest  "must 
have"  storage  form  factor  is  Kanguru's  Zipper  HD,  which  is  about  the  size  of 
a  tiny  pager.  The  hard  drive  comes  with  a  belt  clip  and  a  lanyard,  so  you  can 
wear  the  drive  around  your  neck  or  on  your  belt.  The  USB  connector  flips 
out  to  connect,  or  you  can  attach  an  extension  cord.  Comes  in  1G-,  2.2G- 
and  4G-byte  varieties.  The  2.2G-byte  model  we  tried  costs  $180. 


motivate,  gouA, 

MAYTAG  SKYBOX  PERSONAL  VENDING 


machine.  Network  guys  love  caffeine,  and  what  better  way  to 
store  all  of  those  sodas  than  your  own  personal  vending  machine? 
OK,  it’s  a  bit  of  a  stretch,  but  once  you  load  the  sodas  into  the 
machine,  press  the  button  and  listen  to  the  ka-thunk  of  your  soda 
coming  out,  you'll  be  hooked.  Get  one  for  your  overworked  staff, 
and  they'll  appreciate  you  even  more.  Better  yet,  put  a  donation 
cup  on  the  top  and  start  undermining  the  local  vending  machine 
provider.  Who  says  a  network  executive  can't  be  a  revenue  source 
for  their  company?  About  $500. 
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Management 


■  CAREER  DEVELOPMENT 

■  PROJECT  MANAGEMENT 

■  BUSINESS  JUSTIFICATION 


Keeping  IT  simple 

IT  shops  standardize  and  consolidate  systems  where  they  can  to  save  money  and  boost  efficiency. 


■  BY  DENISE  DUBIE 

For  Boeing,  streamlining  the  business  of  engineering  and  manu¬ 
facturing  aircraft  meant  first  simplifying  its  IT  applications. 

The  aerospace  giant  had  built  up  its  business  through  mergers  and  acquisitions.  By  2000, 
Boeing’s  IT  services  division  supported  more  than  4,500  applications  across  the  company 
“Boeing  is  a  large,  global  enterprise  that  was  created  from  the  merging  of  many  aero¬ 
space  companies  in  the  ’90s.  Consequently  we  had  a  large  number  and  variety  of  appli¬ 
cations.  As  we  became  more  integrated  as  a  company  our  feeling  was  that  our  systems 
were  too  complex  and  too  costly”  says  Boeing  CIO 
Scott  Griffin. 

Boeing  set  out  in  2000  to  cut  25%  of  its  applications. 

By  2004,  it  had  trimmed  the  number  of  applications  to 
3,100  —  a  reduction  of  about  one-third. 

According  to  Forrester  Research,  IT  consolidation 
and  simplification  is  a  growing  trend  among  compa¬ 
nies  looking  to  make  their  IT  shops  more  efficient,  pre¬ 
pare  for  regulatory  compliance  audits  and  cut  costs. 

“Businesses  must  look  at  how  to  reduce  the  cost  of 
routine  IT  maintenance.  Simplification,  standardiza¬ 
tion  and  consolidation  are  great  ways  to  do  that,” says 
Erin  Kinikin,  a  vice  president  at  Forrester. “When  com¬ 
panies  start  looking  at  multiple  systems  that  pretty 
much  do  the  same  thing,  it’s  questionable  if  they 
really  need  more  than  one.” 

For  Boeing,  it  was  clear  the  company  didn’t  need 
multiple  systems  across  offices  around  the  world  that 
performed  the  same  tasks.  Griffin  says  the  company 
first  began  to  identify  all  the  systems  they  had  in  place, 
monitor  how  they  were  used  and  determine  similari¬ 
ties  among  systems.  The  idea  wasn’t  to  entirely  wipe 
out  systems  but  to  find  the  value  in  an  application, 
extract  the  value  from  one  system  and  transfer  it  to 
another  that  performed  similar  functions. 

“We  went  looking  for  overlap  in  a  top-down  effort  in 
which  we  needed  to  prove  the  business  case  for  every 
application,”  he  says.  Boeing  had  14  proprietary  pur¬ 
chasing  systems  used  in-house  by  its  Hughes  Satellite 
Sector  and  Boeing  aviation  groups.lt  was  unnecessary 
to  support  all  the  systems,  and  now  two  purchasing 
applications  adequately  address  Boeing’s  needs. 

“Companies  need  to  figure  out  where  it’s  important 
for  them  to  innovate  and  where  it’s  just  the  cost  of 
doing  business,”  Kinikin  explains. 

For  Scott  Donaldson,  vice  president  of  software  dis¬ 
tribution  and  workspace  automation  at  financial  ser¬ 
vices  company  KeyCorp  in  Cleveland,  maintaining  a 
standard  set  of  images  for  workstations  not  only  makes  it  easier  for  IT  to  upgrade 
and  maintain  PCs  but  also  helps  employees  work  more  productively 
Donaldson  uses  change  and  configuration  management  software  from  HP’s  OpenView 
product  line.  He  says  two  staff  members  can  efficiently  manage  23,000  end-user  devices 
because  KeyCorp  reduced  and  standardized  the  variety  of  applications  and  images 
alk  >wed  on  desktops. While  workstations  aren’t  personalized  to  individuals,  employees  are 
:  Vt  ;  work  better  because  there  are  fewer  conflicts  among  pre-set  programs  and  the  sup- 
<  (  rt  sr.-/  it  can  address  problems  quickly  Using  the  HP  software  along  with  standard  systems 
helped  KeyCorp  save  more  than  $4  million  annually,  he  says. 


“We  had  100  different  desktop  images  and  the  variation  made  support  difficult,” 
Donaldson  says.“Now  knowing  the  user  has  one  of  a  limited  number  of  images,  less  than 
12,  makes  it  much  easier  to  roll  out  workstations  and  get  them  back  up  and  running. 
Standardizing  makes  it  simpler!’ 

Jim  Mileski,  systems  administrator  at  Financial  Partners  in  Agawam,  Mass.,  standardizes 
on  network  gear,  servers,  desktops,  laptops  and  applications.  The  company  sends  out  a 
download  CD  to  employees  each  quarter  to  update  server  and  client  machines  and  keep 
them  all  running  standard  applications. 

“Standardization  helps  automate  IT  tasks  because  I’m  only  supporting  six  end-user 
machines  in  theory,  for  example,  rather  than  thousands,”  Mileski  says.  “The  upfront  hard¬ 
ware  costs  to  get  standardized  could  be  more,  but  in  the 
long  run  getting  standardized  saves  in  labor  costs.” 

One  key  phase  of  IT  simplification  and  standardization  is 
defining  business  goals  and  identifying  the  processes  and 
technology  systems  that  can  support  them. 

“Our  approach  to  application  simplification  was  to  com¬ 
plete  a  business  case  with  our  internal  customers  on  every 
targeted  application.  When  the  cost  of  shutting  a  system 
down  —  data  conversion,  re-pointing  of  interfaces,  re-host- 
ing  of  functionality  —  could  be  offset  by  the  reduction  to 
sustaining  costs,  then  we  removed  the  system,”  Boeing’s 
Griffin  says. 

Taking  the  time  to  define  business  processes  is  critical  to 
any  standardization  effort,  Forrester’s  Kinikin  says.The  rea¬ 
son  most  companies  have  too  many  applications  all  doing 
similar  jobs  can  be  attributed  to  the  lack  of  standard  prac¬ 
tices.  She  advises  network  managers  to  first  get  their  arms 
around  desired  processes  and  then  compare 
applications  and  systems  against  the  processes. 
The  technology  that  aligns  with  the  people  and 
processes  should  be  kept;  those  that  require  a 
lot  of  customization  should  be  phased  out. 

“We  find  companies  that  take  on  simplifica¬ 
tion  or  consolidation  as  part  of  a  redefinition  of 
their  businesses  are  more  successful  than  those 
just  looking  to  cut  costs,”  Kinikin  says.  “De¬ 
pending  on  the  business,  it  could  be  more 
costly  to  consolidate  and  it  might  work  better 
to  remain  separate  and  flexible.” 

In  Boeing’s  case,  the  firm  is  pursuing  another 
IT  initiative  that  will  impose  common  systems 
across  the  organization.  One  facet  —  the  pro¬ 
cesses  —  of  the  project  uses  the  IT  manage¬ 
ment  best  practices  laid  out  in  the  Information 
Technology  Infrastructure  Library 
Boeing  will  implement  a  specific  computer- 
aided  design  tool,  CATIA  V5,  for  its  business 
model  dubbed  Complex  Vehicle  Design,  Build 
and  Support.  When  a  Boeing  team  begins  to 
build  hardware  such  as  a  fighter,  tanker  or  com¬ 
mercial  airline,  it  will  use  the  same  standard  tool  other  teams  building  large  equipment 
do.  Now  Boeing  provides  new  departments,  business  units  or  project  owners  with  an  IT 
tool  kit  that  stipulates  standard  systems,  applications  and  processes  and  how  they  should 
be  used  to  achieve  optimal  results. 

“Now  when  starting  a  project,  instead  of  asking  people  with  expertise  to  relocate  to 
where  the  proper  systems  are,  we  ship  the  work  to  them.  It’s  configured  to  our  standards, 
and  they  can  roll  it  out  and  get  working  more  quickly’ Griffin  says.B 


Application  support 

Boeing  identified  similar  features  among  4,500 
systems  running  across  the  aerospace  giant's  network 
and  managed  to  reduce  applications  by  about  30%. 
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Web -based  access 
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Cyclades  AlterPath™  KVM/net 
offers  a  unique  set  of  features: 

■  Server-based  authentication 

(NT  domain,  LDAP,  Secure  ID,  RADIUS,  TACACS+) 

■  16  and  32  port  models 

■  CAT5  cabling  up  to  500  feet 

■  User  access  logging 

■  System  event  syslog 

■  Integrated  power  management 

We've  worked  our  magic. 

Now  you  can  work  yours. 


Secure  KVM  over  IP  switch 


Over  80%  of  Fortune  100 
choose  Cyclades. 

www.cyclades.com/nw 

1.888.cyc!ades  «  sales@cyclades.com 


cyclades 
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KVM  over  IP 
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How  Do  You 

■ 

Securely  Reboot 

via  IP? 


Server  Technology 


Solutions  for  the  Data  Center  Equipment  Cabinet 


When  servers  and  network  devices 
in  the  data  center  lock-up,  network 
managers  need  fast,  secure  and 
reliable  tools  to  respond.  With 
Sentry™  Remote  Site  Managers, 
an  administrator  can  immediately 
reboot  a  remote  system  with  just 
a  few  mouse  clicks.  Sentry  also 
provides  accurate  input  current 
power  monitoring,  environmental 
monitoring  and  integrated  secure 
console  management  using  SSH. 


Sentry  Gives  You  Secure  Web/I P  Based  Remote  Site  Management 


"NEW!”  Secure  Shell  (SSHv2)  Encryption  « 
"NEW!"  SSLv3  Secure  Web  Browser « 
"NEW!"  Active  Directory  with  LDAP  « 
SNMP  MIB  &  Traps  « 
Integrated  Secure  Modem  « 
True  RMS  Power  Monitoring  « 
Outlet  Receptacle  Grouping  for  Dual-Power  Servers  « 
Fail-Safe  Transfer  Switch  for  Single-Power  Supply  Servers  « 
Power-up  Sequencing  Prevents  Power  In-rush  Overload  « 
Temperature  &  Humidity  Environmental  Monitoring  « 
Zero  U  &  Rack-mount  Models  « 
1 1 0/208  VAC  Models  with  30-Amp  Power  Distribution  « 
NEBS  Approved  -48  VDC  Models  Available  « 
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Server  Technology,  Inc 

Server  Technology,  Inc.  toll  free  +1 .800.835.1 51 5 

1 040  Sandhill  Drive  tel  + 1 .775.284.2000 

Reno,  NV  89521  fax +1.775.284.2065 

USA  .  , 

www.servertech.com 

sales@servertech.com 


ISO  9001:2000 
QUALITY 


©Server  Technology,  Inc.  Sentry  is  a  trademark  of  Server  Technology,  Inc 


Local  or  Remote  Server 


UltraMatrix  Remote 

REMOTE  MULTIPLE  USER 
KVM  MATRIX  SWITCH 
ACCESS  OVER  IP  OR  LOCALLY 


UltraConsole 

PROFESSIONAL  SINGLE-USER 
KVM  SWITCH  SUPPORTS  UP 
TO  1000  COMPUTERS 


Connects  1,000  computers  to  multiple  user  stations 
over  IP  or  locally 

High  quality  video  up  to  1280  x  1024 
Scaling,  scrolling,  and  auto-size  features 
Secure  encrypted  operation  with  login  and  computer 
access  control 

Advanced  visual  interface  (AVI) 

No  need  to  power  down  servers  to  install 
Free  lifetime  upgrade  of  firmware 
Available  in  several  models 
Easy  to  expand 


Connects  up  to  1000  computers  to  a  KVM  station 
Models  for  4,  8,16  computers 
Advanced  visual  interface  (AVI) 

Compatible  with  Windows,  Linux,  Solaris,  and  other  O/S 

Connects  to  PS/2,  Sun,  USB,  or  serial  devices 

Converts  RS232  serial  to  VGA  and  PS/2  keyboard 

Free  lifetime  upgrade  of  firmware 

Security  features  prevent  unauthorized  access 

Full  emulation  of  keyboard  and  mouse  functions  for  automatic, 

simultaneous  booting 

Easy  to  expand 


KVM  RACK  DRAWER  WiTH  KVM  SWITCH  OPTION 


800  333  9343 

WWW.ROSE.COM 


ELECTRONICS 


SERVERS  WITHIN  YOUR  REACH 
FROM  ANYWHERE 


A  KVM  switch  allows  single  or  multiple 
workstations  to  have  local  or  remote  access  to 
multiple  computers  located  in  server  rooms  or 
on  the  desktop  regardless  of  their  platforms 
and  operating  systems.  KVM  switches  have 
traditionally  provided  cost  savings  in  reducing 
energy  and  equipment  costs  while  freeing  up 
valuable  real  estate. 


Recognized  as  the  pioneer  of  KVM  switch 
technology,  Rose  Electronics  offers  the 
industry’s  most  comprehensive  range  of 
server  management  products  such  as  KVM 
switches,  extenders  and  remote  access 
solutions.  Rose  Electronics  products  are 
known  for  their  quality,  scalability,  ease  of  use 
and  innovative  technology. 


Rose  Electronics  is  privately  held  with  world- 
headquarters  in  Houston,  Texas  and  sells  its 
products  worldwide  through  a  large  network  of 
Resellers  and  Distributors.  Rose  has 
operations  in  the  United  Kingdom,  Spain, 
Germany,  Benelux,  Singapore  and  Australia. 


Rose  Electronics 
10-7U 7  Standiff  Road 
Hpuston,  Texas  77099 


HOST  US  h-281  933  7673 

HOSE  EUROPE  t  44  (0)  1 264  850574 
ROSE  ASIA  +  65  6324  2322 

HOSE  AUSTRALIA  l  617  3388  1540 


INSTRUMENTS 


OBSERVER 


How  much  can  your  network  analyzer  handle? 

Observer  is  the  only  fully  distributed  network  analyzer  built 
to  cover  your  entire  network  (LAN,  802.1 1  a/b/g,  Gigabit,  WAN). 
Download  your  free  Observer  10  evaluation  today  and  experience 
more  real-time  statistics,  more  expert  events  and  more  in-depth 
analysis  letting  you  monitor,  troubleshoot  and  manage  every  site 
on  your  network  with  one  complete  solution.  Choose  Observer. 


-SECUR  i  tv  conTROi  -  Watch  for  virus  and  hack  attacks  to 
quickly  isolate  infected  areas. 

-RLERT  -  Setup  Triggers  and  Alarms  on  any  network  threshold 
and  be  the  first  to  know  of  network  issues. 

-ret work  OMERLORD-  Monitor  bandwidth  utilization,  access 
point  utilization  rates  and  network  top  talkers  with  Real-Time  Statistics. 

US  &  Canada  toll  free  800.526.5958 
fax  952.932.9545 

UK  &  Europe  +44  (0)  1 959  569880 

www.networkmstruments.com/analyze 


SENSAPHONE® 

1 M1S4QDQ 


Sends 

SNMP 

Messages 


Monitors 

64 

IP  addresses 


Embedded 

Web 

Server 


Sends 

E-Mail 


Power 

Control 

Interface 


Ethernet 

Port 


Internal  Voice, 
Modem 
&  Pager  Port 


8  Rj-45  Sensor  Inputs 

(Temperature,  Humidity, 
Water,  Motion,  Power, 
Smoke/Fire) 


Microphone 

for  Sound 
Monitoring 


BE  NOTIFIED  BEFORE  CRITICAL  EVENTS  TURN  INTO  DISASTER! 


•  Eight  environment  inputs 

•  Power  sensing 

•  Monitors  64  IP  addresses 

•  Send  alerts  to  64  people 

•  8  methods  of  contact 

•  Calendar  scheduling 

•  Expands  to  256  sensors 

•  Remote  power  control 

•  Optional  camera 


The  Sensaphone  IMS-4000  Infrastructure 
Monitoring  System  monitors  critical  environ¬ 
mental  and  network  elements  in  your  server 
room,  data  center,  or  telecomm  installation  and 
reports  to  you  instantly  when  events  threaten 
your  infrastructure.  The  IMS-4000  keeps  watch 
so  you  don't  have  to.  See  these  features  and 
more  on  the  web  at  www.ims-4000.com 


CDI  offers: 

Hardware  encryption  over  dial-up 
and  network  connections 
RSA  certified  SecurlD  authentication 
without  a  network. 

Patented  central  management  of  all 
remote  devices 


Full  NIST,  FIPS  140-2  certifications  #- 

Remote  Power  control  • 

Homologous  world-wide  approved  »- 
internal  modems 


CDI  has  been  building  encryption  equipment  lor  over  fifteen  years.  Our  customers  and  partners  include 
major  financial  institutions,  government  agencies,  major  telcos,  utilities,  and  the  United  States  military 


Communication  Devices  Inc. 
www.outofbandmanagement.com 


Terminal  server  vendors,  who  proclaim  that 
they  have  Secure  Out  Of  Band  products,  rely 
on  RADIUS,  TACACS+  and  other  in-band 
protocols  to  provide  security.  By  inference, 
they  imply  they  secure  out  ot  band  access 
when,  in  tact,  they  otter  only  network  security, 
which  conflicts  with  out  of  band  access. 


A  true  Secure  Out  ot  Band  Management 
solution  should  provide  strong  security  without 
reliance  upon  network  based  protocols. 
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www.nwfusion.com 


Mol  Power  on  Any  AC 
Fiiwerefi  Device ... 

Via  Web  Browser,  Teinet, 

Modem  or  Local  Terminal 

Servers,  routers,  and  other  electronic  equipment 
occasionally  “lock-up”,  often  requiring  a  service  call 
to  a  remote  site  just  to  flip  the  power  switch  to  perform 
a  simple  reboot.  With  WTI’s  Remote  Power  Switches, 
you  can  perform  reboot  and  On/Off  control  from 
anywhere! 
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Web  Browser  Access  for  Easy  Setup  and 
Operation 

Encrypted  Password  Security 

Dual  15  Amp  Power  Circuits 
Total  30  Amps  Maximum  Load 

115  VAC  and  230  VAC  Models 
Sixteen  (16)  Individual  Outlets 
RS232  Modem  /  Console  Port 
Network  Security  Features 
Power-Up  Sequencing 

Also  Available  in  4,  8  &  16  Plug  Models  and 
Horizontal  1U  and  2U  Models 

Web  Browser  Interface 
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Want  an  On-Line  Demo? 

Just  call  or  email  and  you’ll  see  for  yourself  why  so  many 
network  professionals  choose  WTI. 


Yes,  We  are  Customer  Friendly! 

V  Two  Year  Warranty 

V  We  Stock  for  Same  Day  Shipment 

V  30  Day  No-Fee  Return  Policy 

V  Start-up  Cables  and  Rack  Kits  Included 


Dual 

Power 

Inputs 


□ 

□ 


►del 
NBB-1600 

www.wti.com 


western  telematic  incorporated 

5  Sterling  •  Irvine  •  California  •  92618-2517  •  (800)  854-7226 


dt  Search* 


Instantly  Search 
Gigabytes  of  Text 
Across  a  PC,  Network,  Intranet  or  Internet 

Publish  Large  Document  Collections  to  the  Web  or  to  CD/DVD 

♦  over  two  dozen  indexed,  unindexed,  fielded  &  full-text  search  options 

♦  highlights  hits  in  HTML,  XML,  &  PDF  while  displaying  embedded  [inks,  formatting  &  [friMi&i 

♦  converts  other  file  types  (word  processor,  database,  spreadsheet,  email,  ZIP,  Unicode,  etc.) 
to  HTML  for  display  with  highlighted  hits 

“The  most  powerful  document  search 
tool  on  the  market”  -Wired  Magazine 

“Intuitive  and  austere ...  a  superb 
search  tool”  -PC  World 

“Blindingly  fast”  -Computer  Forensics: 

Incident  Response  Essentials 

“A  powerful  arsenal  of  search  tools” 

-The  New  York  Times 


dtSearch  “covers  all  data  sources ...  \ 
powerful  Web-based  engines”  -eWEEttl 

“Searches  at  blazing  speeds” 

-Computer  Reseller  News  Test  Center 

In  the  past  two  years,  over  half  of  the 
Fortune  15  purchased  dtSearch 
developer  or  network  licenses. 

See  www.dtsearch.com  for: 

♦  hundreds  of  developer  case  studies  &  reviews 

♦  fully-functional  evaluations 

1  -800-IT-FINDS 

sales@dtsearch.com 


"Industrial-strength 
|  superb'’ -PC  Magazin 

♦  from  $2,500 


Industrial-strength  ... 

sugerb"— pc  Wagazjj * 

♦  from  $800 


The  Smart  Choice  for  Text  Retrieval*  since  1991 
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If  it’s  Oil  the  N  WORLDWIDE  PROVIDER 

networks  *■  -  r  OF  NETWORK 

vie’Ve  got  it!  HARDWARE 

I  !•-.  SINCE  1981! 

•  NetWork  Hardware 
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Memory 


Accessories 
_ salesifewrca.net  -  (800)  699-9722  x102 


FIBER  OPTIC  ToLUTIOK! 

►  Tl/El  &  T3/E3  Modems 

*  RS-232/422/485  Modems  and 
Multiplexers 

*  IBM  3270  Coox,  AS400  Twinax,  and 
RS6000  Modems  and  Multiplexers 

►  LAN  -  Arcnet/Ethernet/Token  Ring 

►  Video/Audio/Hubs/Repeaters 

►  ISO-9001 

*  USB  Modem  and  Hub 

s.i.TECH 

Toll  Free  866-SITech-l 
630-761-3640,  Fax  630-761-3644 
www.sitech-bitdriver.com  or  www.sitechfiber.com 


DILUTE  YOUR  DEBT! 

Dilute  your  debt  with  Resource  Lynx,  the  top  lending  institution  in 
North  America  with  the  perfect  resources  to  help  you  be  financially  free. 
Resource  Lynx  guarantees  service  perfection  in  all  financial  needs! 

•  Debt  Consolidation  •  Refinancing 

•  All  Mortgages  •  Business 

•  Personal  help  and  much  more 

It  only  takes  one  phone  call,  48  hours  and  professional  help  to 
conquer  and  defeat  your  creditors.  At  Resource  Lynx  we  have  all  the 
answers  to  your  problems  so  call  now  888-524-1185  to  refine  your  credit! 

LIBERATE  YOURSELF 


Phone  #  1-888-524-1185  Fax#  1-888- 


it  careers 


Programmer-Analyst  II  for  NE 

OH;  Plan/develop/test/docu¬ 
ment  computer  programs;  apply 
experience  of  programming 
techniques  and  comp  systems; 
evaluate  user  request  for  new/ 
modified  programs;  enter  pro¬ 
gram  codes  into  comp  system/ 
to  design  software/websites; 
and  digitize  images.  Masters/ 
MBA  in  MIS  or  Bachelor's  in 
Comp  Sci/Engineering.  3  yrs 
Exp/job  related,  including  prev 
work  w/.NET  Framework,  Win¬ 
dows,  VB,  VC++,  Flash,  Java, 
JSP,  JewelScan,  Oracle,  Ac¬ 
cess,  Word,  PowerPoint;  devel¬ 
oping  Jewelry  business  software 
and  troubleshooting  hardware 
and  software  problems  and  en¬ 
hancing  images  using  Photo¬ 
shop  req.  Travel  req.  Resumes 
(no  calls)  to  25200  Chagrin  Blvd. 
Suite  101,  Beachwood,  OH 
44122.  EOE. 


F/T  Junior  Software  Engineer. 
Responsible  for  the  develop¬ 
ment,  maintenance,  and  en¬ 
hancement  of  applications  run¬ 
ning  in  a  real-time  operating  sys¬ 
tem.  Responsible  for  the  devel¬ 
opment  of  utilities  on  various 
platforms  using  C  and  C++. 
Must  have  a  Bachelor’s  degree 
in  Computer  Science  &  Engin¬ 
eering,  related  field,  or  foreign 
degree  equivalent.  Educational 
background  must  have  included 
C  and  C++.  Salary:  Competitive. 
Send  resume  to:  Srivatsan 
Ramachandran,  AMI,  6145F 
Northbelt  Pkwy.,  Norcross,  GA 
30071. 


F/T  Jr.  Software  Engineer.  Re¬ 
sponsible  for  development, 
maintenance,  and  enhance¬ 
ment  of  applications  running  in 
a  real-time  operating  system. 
Responsible  for  the  develop¬ 
ment  of  utilities  on  various  plat¬ 
forms.  Must  have  a  Bachelor's 
degree  in  Electrical  Engineer¬ 
ing,  related  field,  or  foreign 
degree  equivalent.  Educational 
background  must  have  included 
DOS,  Windows  95/NT,  UNIX, 
and  Linux.  Salary:  Competitive. 
Send  resume  to:  Srivatsan 
Ramachandran,  A.M.I.,  6145-F 
Northbelt  Parkway,  Norcross, 
GA  30071 . 


Technical  Writer,  Northport,  AL 
(2  positions):  Analyze  &  docu¬ 
ment  client  business  processes 
to  integrate  technology.  Prepare 
system  &  program  specifica¬ 
tions;  document  program  &  sys¬ 
tem  logic;  prep.  &  maintain  user 
guides  &  technical  manuals; 
monitor  system  changes:  devel¬ 
op  &  document  recovery  plans, 
standard  ops  procedures  & 
equip.  maintenance.  Req: 
Bachelors  (or  foreign  equiv.  or 
equiv  in  experience  and/or  edu¬ 
cation)  in  Comp.  Applications  or 
Engineering  or  related  fields  +  2 
yrs  exp.  in  job,  or  2  yrs  perform¬ 
ing  technical  documenting  of 
systems.  Mail  resume  to:  HR, 
Applied  Infotech,  501  Bridge 
Ave,  Northport,  AL  35746. 


F/T  Software  Engineer.  Respon¬ 
sible  for  developing,  enhancing, 
maintaining  Network/Storage 
software  components  using 
Assembly,  C,  C++,  and  RTOS. 
Support  OEMs  who  are  using 
these  components.  Work  with 
Test  and  Validation  groups  to 
ensure  component  is  tested 
thoroughly  using  iSCSI  and 
MPLS.  Follow  Software  Devel¬ 
opment  Procedures.  Use 
Source  Code  Control.  Provide 
technical  documentation  and 
regular  status  reports  to  man¬ 
agement.  Must  have  a  Bach¬ 
elor's  degree  in  Electronic  and 
Communication  Engineering, 
related  field,  or  foreign  degree 
equivalent.  Must  have  1  yr.  of 
exp.  in  job  offered  or  a  position 
with  same  duties.  Salary:  Com¬ 
petitive.  Send  resume  to:  Srivat¬ 
san  Ramachandran,  AMI,  6145F 
Northbelt  Pkwy.,  Norcross,  GA 
30071. 


Systems  Analyst/Programmer 
Sr.,  Charlotte,  NC.  Rsp.  for  initial 
deployment  &  ongoing  support 
of  computer  apps.  Reqs.  BA  in 
Comp.  Science.  2yrs.  exp.  in 
pos.  offd.  or  as  IT  Staff  Consul¬ 
tant.  The  2yrs.  exp  must  incl. 
work  w /  software  analysis,  de¬ 
sign,  dev.  &  implem.  using  Java, 
incl.  Java  Servlets  (Single  Serv¬ 
let  Model),  JSP,  Java  Beans, 
JavaScript,  JDBC,  JNDI,  &  JMS, 
w/  develop,  tools  such  as 
WSAD,  for  deployment  on  IBM 
WebSphere  Server  on  a  UNIX 
platform,  as  well  as  exp.  dev. 
web-based  apps.  utilizing 
HTML,  XML,  XSL  &  LDAP  (or 
similar  tech.),  &  exp.  working  w/ 
Oracle  &  DB2  databases.  Must 
have  Sun  Java  Programmer 
Cert.  M-F,  8-5,  Send  resume  to 
Randy  Buck,  Wachovia  Corp., 
1525  West  W.T.  Harris  Blvd., 
NC0775,  Charlotte,  NC  28288- 
0775.  No  phone  calls. 


Computers  -  Senior  Technical 
Consultants  needed.  Seeking 
qualified  candidates  possessing 
BS  or  equiv.  and/or  rel.  work 
exp.  Duties  include:  Develop 
business  implementation  strate¬ 
gies  &  address  specific  issues 
that  arise  during  implementa¬ 
tion;  Provide  configuration  man¬ 
agement  to  DBA  staff  for  devel¬ 
oped  software  &  troubleshoot 
products;  Work  with  Oracle  ERP 
Applications,  Developer  2000, 
Oracle  Workflow  Builder,  Oracle 
J  Developer,  PL/SQL  &  Oracle 
Discoverer.  Fwd.  resume  &  ref¬ 
erences  to:  Core  Services  Corp¬ 
oration,  Attn:  HR,  610  Rahway 
Avenue,  2nd  Floor,  Union,  NJ 
07083. 


Programmer-Analysts  needed  to 
analyze,  dsgn,  dvlp  telecom 
inventory,  provisioning  &  activa¬ 
tion  systms,  banking  &  fin'l  acctg 
systms  using  C/C++,  Java,  STL, 
Shell  Scripts,  sed,  AWK,  PERL, 
Purify,  Informix,  Oracle,  CVS, 
Tuxedo,  CEM,  UML,  XML, 
Xerces,  XMLSpy,  HTML,  TL1, 
Apache,  Tomcat,  Windows, 
UNIX,  HP-UX,  Solaris  &  Linux. 
Resume  to  Global  Consultants, 
Attn:  Hireme,  25  Airport  Rd, 
Morristown,  NJ  07960 


F/T  Software  Engineer.  Re¬ 
sponsible  for  designing  generic 
modules/device  drivers  using 
C/C++.  Review  the  design  of 
the  modules  using  software 
engineering  methodologies  and 
Windows  NT.  Develop  the  cor¬ 
responding  modules  using 
bootloader.  Debug  and  test  the 
modules  using  different  meth¬ 
ods  and  test  equipments  used 
in  embedded  environment  e.g. 
Logic  Analyzers.  Must  have  2 
yrs.  of  exp.  in  job  offered  or  a 
position  w/  same  duties.  Must 
have  a  Bachelor’s  degree  in 
Computer  Science  &  Engineer¬ 
ing,  related  field,  or  foreign 
degree  equivalent.  Salary: 
Competitive.  Send  resume  to: 
Srivatsan  Ramchandran,  AMI, 
6145-F  Northbelt  Pkwy., 
Norcross,  GA  30071. 


IT  CAREER  OPPORTUNITIES 

GEORGIA  -  Technical  Analyst/ 
Computer  Systems  Analyst 

ILLINOIS  -  Senior  Member  of 
Technical  Staff/  Computer  and 
Information  Systems  Manager 

MASSACHUSETTS*  -  (HQ  of 
CSC  Consulting,  Inc.)  -  Employ¬ 
ment  is  throughout  U.S.  Senior 
Consultant  /Software  Engineer 

Positions  require  a  BS  and/or 
relevant  experience;  a  combina¬ 
tion  of  experience  and  college 
level  education  may  be  accept¬ 
ed.  The  flexibility  to  travel  and 
be  on-call  may  be  necessary. 
Proof  of  legal  authorization  to 
work  in  the  U.S.  is  required. 
Please  forward  your  resume  to 
Computer  Sciences  Corp.,  Attn: 
J.  Le,  2100  E.  Grand  Ave.,  Mail 
Code  A209,  El  Segundo,  CA 
90245.  Please  indicate  the  spe¬ 
cific  occupation  and  location  for 
which  you  are  applying. 


Embedded  Software  Eng. 
wanted  by  company 
engaged  in  graphics  and 
multimedia  technology 
design,  manufacturing  and 
marketing.  Requires  Bach, 
in  CS  or  EE  plus  2  yrs  exp. 
including  Set  Top  Box 
methodologies  and  ATSC. 
Reply  to  ATI  Research,  Inc. 
H.R.  Dept.,  Attn:  K.B.,  62 
Forest  Street,  Marlborough, 
MA  01752. 


RPG  Programmer.  Design  soft¬ 
ware  using  programming  in 
Report  Program  Generator  II 
(RPGII),  Operation  Control 
Language  (OCL),  California 
Software  Baby  36  Graphic  User 
Interface  and  Visual  Basic.  Use 
of  correlation  analysis  forecast¬ 
ing  and  delivery  routing  opti¬ 
mization.  Update  and  support  of 
current  system.  Troubleshooting 
and  fix  existing  application  prob¬ 
lems  for  help  desk.  Require 
Bachelor's  degree  or  will  accept 
a  Master's  degree  in  Computer 
or  Industrial  Engineering. 
Prevailing  salary.  Must  have 
indefinite  work  authorization. 
Send  resume  to  humanre- 
sources@suburbansoftware.com 


Programmer/Systems  Analyst. 
Participate  in  solution  delivery; 
developing  prototypes,  writing 
analysis  and  design  documents, 
ensuring  operational  control  of 
systems,  installing  software, 
writing  and  testing  code,  and 
debugging  software  programs. 
Must  have  Bachelor's  in  Com¬ 
puter  Science  or  related,  1  yr 
exp  plus  knowledge  of  Oracle 
Developer  2000  (Forms,  Re¬ 
ports,  Graph  &  Menu),  PL/SQL, 
SQL*  Plus.  SQL*  Loader,  Pro*C, 
and  Discoverer  2000.  Send 
resume  to  Fastek  International, 
Attn:  David  Kemper,  1425  60th 
St.  NE,  Cedar  Rapids,  IA  52402. 


Comp:  S/W  Engrs  (hvg  Mast 
Deg  w/2  or  Bach  Deg  w/5  yrs 
exp)  &  Progmr  Analysts  w/ 
exp  req'd.  Exp  must  incl 
combinations  of  C,  C++, 
VC++,  Visual  Basic,  Java, 
PB,  SQL,  PL/SQL,  SAP, 
Peoplesoft,  Siebel,  Informati¬ 
cs,  BusinessObjects,  Ess- 
base,  Cognos,  MicroStrate- 
gy,  Oracle,  Sybase,  DB2, 
Unix  &  Windows  NT.  Apply  to 
HRD,  Millennium  Information 
Tech,  Airport  Office  Center, 
2348  Post  Road,  Warwick, 
Rl  02886. 


Quality  Assurance  Mgr., 
Wachovia  Corp.  Charlotte. 
Oversee  QA  for  risk  mgmt.  tool. 
Reqs.  BA  Comp.  Science,  Math, 
or  Finance  &  5  yrs  exp.  in  pos. 
offd  or  as  a  Sr.  Consultant  or  IT 
Project  Mgr.  The  5  yrs.  must 
incl.  IT  business  analysis,  sys¬ 
tem  testing  &  fin,  appl.  support  in 
Unix,  J2EE,  Sybase,  Oracle  & 
work  w /  FX  products  &  risk 
mgmt.  reporting.  3  must  incl.  QA 
mgmt.  &  proc.  using  capability 
maturity  model  in  Level  5  envi¬ 
ron.  &  six  sigma.  Must  possess 
PMP®  cert.  M-F,  8-5,  Send 
cvr./resume  to  Meredith 
Elberson,  Wachovia  Corp.,  401 
S.  Tryon  Street,  15th  Floor, 
Charlotte,  NC  28288-0475.  No 
phone  calls. 


IT 


careers.com 


Sr.  Programmer  Analysts... 

...needed  for  Intermountain  Health  Care 
located  in  Salt  Lake  City,  UT. 


Seeking  qual.  candidates  possessing  MS  or  equiv.  and/or 
rel.  work  exp.  Part  of  the  req.  relevant  exp.  must  include  4 
yrs.  working  with  FACETS  &  Crystal  Reports.  Duties 
include:  Design,  develop  &  implement  character  based  & 
reporting  software  solutions  &  GUIs;  Analyze  system 
requirements  to  determine  feasibility,  effort  &  time 
required;  Work  with  FACETS,  Visual  Basic,  Sybase  SQL 
Server,  Unix  Shell  Scripts,  Crystal  Reports  &  Java. 


Please  visit  our  website  at 

www.ihc.com 

for  our  online  application, 

job  reference  #17574. 
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IT  company  based  in  Nashua, 
NH  requires  Programmer  Analy¬ 
sts,  Systems  Analysts,  Software 
Engineers,  Systems  Administra¬ 
tors  and  Database  Administrat¬ 
ors  having  a  minimum  of  Bach¬ 
elors  or  Master's  or  Equivalent 
Degree  and  1-3  years  of  experi¬ 
ence  in  client  server  technolo¬ 
gies,  designing,  developing  and 
implementing  web  based  appli¬ 
cation  packages  using  C,  C++, 
Java,  Java  Script,  EJB,  XML, 
VB.VC++,  Unix,  PL/SQL,  ASP, 
VB.Net,  ASP.Net  and  C#,  SAP 
R/3,  SD.  MM,  FI,  ABAP/4,  ALE/ 
EDI,  BW,  PeopleSoft,  Oracle, 
Sybase  &  MS-SQL  Server,  AS/ 
400  RPG  ILE,  Sun  Solaris,  HP- 
Unix,  Linux,  AIX,  Windows  NT/ 
Windows  2K,  Siebel,  Oracle  Fi¬ 
nancials,  Win  Runner,  Load 
Runner,  Rational  Robot,  Test 
Suit,  Lotus  Notes,  Domino,  Lot¬ 
us  Script,  Powerbuilder,  Delphi. 
Please  mail  resume  to  Software 
Research  Associates,  Inc.  d/b/a 
Nil,  HR  Department,  76  North 
Eastern  Blvd.,  Suite  29-A/38-A9, 
Nashua,  NH  -  03062. 


SOFTWARE  ENGINEER  to  pro¬ 
vide  on-site  consultancy  in 
design,  development,  cus¬ 
tomization,  testing  and  mainte¬ 
nance  of  e-commerce  web- 
enabled  applications  software 
using  Java,  JSP,  DB2,  COM, 
DCOM,  VB,  ASP,  Rational  Rose, 
Rational  RequistePro,  UML, 
Oracle  and  SQL  Server;  create 
database  objects;  code  man¬ 
agement,  requirement  manage¬ 
ment  and  code  integration. 
Require:  Bachelor's  (or  equiva¬ 
lent)  in  Computer  Science  and 
five  years  experience  in  the  job 
offered  or  any  experience  pro¬ 
viding  skills  in  described  duties. 
40%  travel  required  to  client 
sites  within  the  United  States. 
Competitive  salary  and  benefits, 
40-hour/week,  9  am  to  5:30  pm, 
M-F.  Apply  with  resume  to: 
President,  K2  Technologies, 
Inc.,  9471  Brentwood  Drive, 
Suite  74,  Lavista,  NE  68128 


Sr.  Software  &  Sys.  Engg,  NH- 
Design,  develop,  and  implement 
software  applications  using  C, 
C++,  Cobol,  Pro'C',  Pascal, 
CLISP,  Java,  JavaScript,  VB 
Script,  ASP.net,  Perl,  Crystal 
Reports,  Power  Builder,  Unix, 
IPC,  TFTP,  UML,  UDP  etc; 
Develop  databases  using 
Oracle,  Informix,  SQL  Server 
and  Sybase;  Provide  program¬ 
ming  using  multi-threading, 
sockets,  IPC,  windows-SDK, 
Shell  and  TCP/IP;  Develop 
GUI's  using  MFC  and  Java  AWT; 
Responsible  for  network  system 
application  development  using 
Mobitex,  CSD,  GSM  and  GPRS; 
Configure  management  system 
using  Rational  ClearCase, 
PVCS,  Sublime  and  Microsoft 
Source  Safe;  Perform  mainte¬ 
nance  development  and  code 
optimizations;  Define  and  gener¬ 
ate  objects  and  source  code; 
Analyze,  evaluate  and  prepare 
program  specifications  and  trou¬ 
bleshoot  technical  problems. 
Req.  master's  or  equivalent 
degree  in  CS  +  5  yrs  of  exp.  @ 
sal.  $87,000p.a.  +  Send  2 

copies  of  resume  to  Job 
Order#2004-555,  P.O.  Box  989, 
Concord,  NH  03302-0989. 


Software  Engineer  (2  positions) 
various  locations  -  Research, 
design  and  develop  computer 
software  systems  in  conjunction 
with  hardware  product  develop¬ 
ment  applying  principles  and 
techniques  of  computer  science, 
engineering  and  mathematical 
analysis.  Requires  4  yrs  exp  in 
job  offered  or  4  yrs  exp  as 
Programmer  Analyst  or  Systems 
Analyst.  Must  have  1  -yr  exp 
using  Active  Server  Pages  and 
SQL  Programming.  5  day,  40 
hr/wk,  $73,665/yr.  Please  mail 
resumes  to  Workforce  Develop¬ 
ment  Programs,  PO  Box  46547, 
Denver,  CO,  80202  and  refer  to 
order  number  C05097011. 


F/T  Software  Engineer.  Respon¬ 
sible  for  design,  develop,  en¬ 
hance,  and  maintain  Network 
Storage  Server  software  compo¬ 
nents  using  various  operating 
systems  and  computer  network¬ 
ing  technologies.  Design  and 
analyze  the  software  compo¬ 
nents  for  various  computer  orga¬ 
nizations  using  various  data 
structures,  advanced  algorithms 
and  database  management 
techniques.  Coding  and  debug¬ 
ging  the  software  components 
using  Higher  level  and  Assemb¬ 
ler  level  languages.  Develop  us¬ 
er  interfaces  using  E-commerce 
techniques.  Follow  software  en¬ 
gineering  procedures  through¬ 
out  life  cycle  of  development. 
Must  have  a  Masters  degree  in 
Computer  Science  and  Engin¬ 
eering,  related  field  or  foreign 
degree  equivalent.  Educational 
background  must  have  included 
Data  Structures  and  Algorithms, 
Computer  Organization,  Oper¬ 
ating  Systems,  Computer  Net¬ 
works,  Software  Engineering, 
Database  Management  Syst¬ 
ems,  Topics  in  Design  and  An¬ 
alysis  of  Advanced  Algorithms, 
Higher  Level  Language  Lab, 
Assembler  Level  Language  lab, 
and  E-Commerce.  Salary:  Com¬ 
petitive.  Send  resume  to:  Srivat¬ 
san  Ramachandran,  AMI,  6145F 
Northbelt  Pkwy.,  Norcross.  GA 
30071. 


Western  Computer  is  looking 
for  a  Business  Analyst/Navis- 
ion  Implementation  Specialist/ 
Navision  Support  Specialist/ 
Project  Manager  with  a  Bach¬ 
elors  or  equivalent  and  experi¬ 
ence  in  related  occupation  to 
analyse,  train,  implement  man¬ 
age  using  Microsoft  Navision 
based  software.  Strong 
Accounting  knowledge  is  pre¬ 
ferred.  Please  send  resumes 
to  Diane,  Western  Computer, 
960  Enchanted  Way,  Ste  104, 
Simi  Valley,  CA  93065  or  email 
dianee@westerncomouter.com. 
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COMPUTER  -  Senior  Network 
Engineer  (Itasca,  IL):  Utilize 
skills  in  multi-protocol  and  multi¬ 
platform  networks  to  develop 
networking  strategies,  network 
design  and  sound  network  man¬ 
agement  approaches.  Use  stru¬ 
ctured  methodology  and  engage 
in  the  analysis,  design  and  im¬ 
plementation  of  complex  sys¬ 
tems.  Development  of  require¬ 
ments,  project  management, 
and  design  and  implementation 
of  complex  systems.  Must  have 
a  Bachelor's  Degree  or  equiva¬ 
lent  in  Computer  Science,  CIS 
or  related  field.  (Will  accept 
three  years  of  experience  in  lieu 
of  every  1  year  of  education) 
and  have  5  years  experience  in 
the  job  offered  or  in  a  position 
implementing  Microsoft  Direct¬ 
ory  services  and  applications. 
Experience  may  been  obtained 
concurrently  and  must  include: 

(i)  2  years  design  in  architecture 
of  Microsoft  directory  services 

(ii)  2  years  of  experience  in  de¬ 
sign  level  Microsoft  System 
Management  Server  (SMS)  or 
Microsoft  Exchange  (iii)  3  years 
each  design  experience  in  tech¬ 
nologies  that  support  the  follow¬ 
ing  systems  DNS,  DHCP,  and 
TCP/IP  (iv)  3  years  experience 
in  drafting  of  technology  docu¬ 
mentation  (v)  1  year  of  supervi¬ 
sory  experience  (vi)  2  years  of 
experience  in  product  manage¬ 
ment  and  project  management 
methodologies  and  (vii)  Must  be 
willing  to  travel  nationwide  as 
needed  on  a  100%  basis.  Must 
have  legal  authority  to  work  in 
U.S.  Send  resume  to  Anthony 
Murphy  (SNE),  Spherion  Corp¬ 
oration,  One  Pierce  Place.  Ste. 
550W,  Itasca,  IL  60143. 

SOFTWARE  ENGINEER 

Duties:  St.  Petersburg,  Florida. 
Responsible  for  playing  an 
active  role  in  the  life  cycle 
stages  of  planning,  requirement 
definition,  design  development, 
testing  and  support.  Utilizes 
complex  logic  and  works  on  and 
often  leads  projects  that  are  of  a 
high  degree  of  complexity  often 
involving  more  system  integra¬ 
tion  and  complex  architecture. 
Will  also  mentor  PA's  during  the 
life  cycle  stages  and  lead  mod¬ 
erately  complex  projects. 
Coordinate  assignments  for  a 
programming  team.  Will  be 
heavily  involved  at  the  develop¬ 
ment  level  in  highly  complex 
customizations  and  new  applica¬ 
tion  developments  and  will  be 
extremely  active  in  the  testing 
stage  in  the  area  of  defect 
enhancement.  In  addition,  will 
function  as  the  go-to  person  dur¬ 
ing  the  development  and  imple¬ 
mentation  stages  of  the  Life 
Cycle;  play  an  integral  role  in 
system  integration  and  the  sys¬ 
tem  interaction  within  the  busi¬ 
ness;  play  a  heavy  role  in  the 
analysis  and  design  stages;  and 
play  a  technical  leadership  role. 
Requirements:  Bachelor's  deg¬ 
ree  in  Computer  Information 
systems  or  equivalent  and  4 
years  of  experience  in  the  job 
offered.  Salary:  67,000/year, 
Hours:  40-hour  week,  8AM  - 
5PM.  Contact:  Send  resume  to: 
Agency  for  Workforce 

Innovation,  P.O.  Box  10869, 
Tallahassee,  FL  32302.  JOFL# 
2574479. 

DSR  Management  Inc.,  a  fast 
growing  software  Development 
Company  is  looking  for  the  fol¬ 
lowing  personnel: 

1 .  Software  Engineer:  BS  in  co¬ 
mputer  science/related  field  with 

1  year  experience  in  Software. 
Analysis,  design  and  develop¬ 
ment  with  any  four  of  the  follow¬ 
ing:  Assembly,  C  Programming, 
Computer  Interfacing,  EMC, 
EMI.  Controller  Area  Network 
(CAN),  VHDL,  Verilog,  CPLD, 
FPGA. 

2.  Software  Engineer:  Dsgn  & 
dvlp  software  sys  &  applns  using 
Visual  C++,  Java,  JSP,  Java- 
Beans,  C#,  ASP.NET,  ADO.NET, 
Vignette  Story  Svr,  Tc/Tk  &  relat¬ 
ed  tools.  Perform  client  &  server 
side  scripting.  Dvlp  relational  da¬ 
tabases  using  SQL,  Oracle  PL/ 
SQL  and  related  technologies. 
Requires  M.S.  or  equiv  in  Comp 
Sc  &  1  yr  of  relevant  exper. 

3.  QA  Analyst:  Test  multi-tiered, 
web  enabled  e-commerce  appli¬ 
cation  using  (VSS,  Win  Runner, 
Load  Runner,  Test  Director,  VB, 
ASP).  Insure  integrity  of  data  ac¬ 
cess  and  transmission.  Requires 
BS  in  CS  or  equiv,  and  1  yr  exp. 

4.  Programmer  Analyst:  Develop 
/Write  computer  pgms  (Java, 
J2EE,  Struts,  XML,  Builder)  to 
store,  manipulate,  retrieve  & 
report  data.  Requires  BS  (CS / 
Math/or  Eng),  lyr  of  exp,&  proof 
of  legal  auth  to  work  in  US. 

We  accept  foreign  education 
equivalent  of  the  degree,  or  the 
degree  equivalent  in  education 
and  experience.  All  of  the  above 
positions  require  proof  of  legal 
authorization  to  work  in  US. 
Apply:  HR,  DSR  Management, 
Inc.  One  Rotary  Center,  1560 
Sherman  Ave,  Suite  620,  Evan¬ 
ston  IL  60201  or  via  email  at 
resumes@dsrminc.com. 

Computer  Professionals  (Mult- 
piple  Openings)  Software 
Engineer,  Programmer  Analyst, 
Database  Analyst,  Systems 
Analyst,  Administration/Network 
Administrator.  Positions  offered 
require  the  minimum  of  a 
Master's  degree  with  a  minimum 
of  one  year  experience  the 
applications  listed.  In  lieu  of 
Master's  Degree,  employer  is 
willing  to  accept  a  Bachelor's 
Degree  along  with  five  (5)  years 
of  progressive  professional 
experience.  Please  note, 
employer  is  willing  to  accept  a 
foreign  degree  if  it  is  determined 
to  be  the  U.S.  Equivalent  to  a 
Master's  Degree  or  the  U.S. 
Equivalent  to  a  Bachelor's 
Degree  along  with  five  (5)  pro¬ 
gressive  professional  experi¬ 
ence.  Must  have  experience  in 
one  or  more  of  the  following: 
Oracle,  Microsfot.NET,  C,  C++, 
Crystal  Reports,  Sybase,  DB2, 
Visual  Basic,  MS  DOS,  COBOL, 
VB.NET,  MS  Access,  SQL 
Server,  COGNOS,  Micro 
Strategy,  PowerBuilder,  VC++, 
JAVA,  XML,  ASP,  HTML.  Unix 
Network  Programming. 

Extensive  Travel  and/or  reloca¬ 
tion.  Attractive  compensation 
package.  Mail  your  resumes  to: 
Human  Resource  Director, 
American  Solution,  Inc.,  100 
Commerce  Drive,  Ste.  103, 
Newark,  DE  19713. 

Bioinformatics  Programmer 

wanted  to  oversee  all  aspects  of 
comp,  network  functions  in 
Center  for  Cancer  Systems 
Biology  (CCSB),  incl.  admin,  of 
multi-platform  network  &  mgmt. 
of  IT  infrastructure  &  oper.  syst. 
for  all  databases.  Will  also 
supervise  bioinform,  analysts, 
create  &  implement  bioinform, 
tools  for  analysis  of  functional 
genomics  &  proteomics,  &  dvlp. 
web-based  methods  for  access¬ 
ing  biological  datasets.  Must 
have  MS  deg.  in  Bioinform,  or 
Comp.  Sc.  &  2  yrs.  Bioinform, 
dvlpmt.  exper.,  incl.  exper.  work¬ 
ing  on  multiple  platforms 
(Unix/Linux,  PC,  Mac),  &  exper. 
in  genomic  or  proteomic  data 
analysis  using  AceDB,  MYSQL 
+/or  Oracle,  Perl,  C++  &  Java. 
Send  resume  to  Lorraine  J. 
Barnes,  International  Services, 
Dana  Farber  Cancer  Institute, 
44  Binney  St.,  Boston,  MA 
02115. 

Network  Systems  Analyst 

Position  available  for  Network 
Systems  Analyst.  Duties: 
Design,  install,  configure,  and 
support  LAN/WAN  (Local  Area 
Network/  Wide  Area  Network) 
network  configurations,  architec¬ 
ture  and  internet  systems. 
Maintain  and  test  Windows  NT 
Servers,  network  hardware,  and 
software.  Analyze  user  require¬ 
ments,  procedures,  and  prob¬ 
lems  to  automate  processing  or 
to  improve  network  systems. 
Monitor  network  system  perfor¬ 
mance  to  ensure  network  avail¬ 
ability  to  all  system  users  and 
perform  necessary  maintenance 
to  support  network  availability. 
Document  the  processes  neces¬ 
sary  for  computer  solutions. 
Identify  needs  of  development, 
modification,  or  update  of  cus¬ 
tomer's  network  systems.  Plan 
layout  of  new  computer  system 
or  modification  of  existing  sys¬ 
tem.  Communicate  with  IT  spe¬ 
cialists  of  customers  and  instruct 
them  to  solve  and  prevent  prob¬ 
lems. 

Requirements:  Bachelor's  deg¬ 
ree  in  Computer  Science  or 
related  field.  Compensation: 
$32,000  per  year,  plus  benefits. 
Working  conditions  include  40+ 
hour  work  week  with  two  weeks 
paid  vacation  per  annum. 
Submit  resume  with  complete 
references  to:  TransDigital 
Solutions,  Inc.,  167  West  Main 
Street,  Suite  210,  Lexington,  KY 
40507.  Only  persons  with  autho¬ 
rization  to  work  permanently  in 
the  U.S.  need  apply. 

All  duties  of  a  Manager, 
Hardware  Engineering  &  NPI, 
incl  managing  engrs  &  techni¬ 
cians,  providing  direct  engg  con¬ 
tribution  on  technical  projects  & 
technical  input  to  business 
dvlpmt  activity.  Managerial 
duties  incl  hiring  technical  staff, 
conducting  performance 

reviews,  personnel  issues, 
assigning  tasks  to  dept  staff, 
reviewing  &  approving  dept  & 
project  expenses  &  supervising 
lab  facility.  Specific  technical 
duties  incl  systm-  &  circuit-level 
dsgn,  verification  &  providing 
mfg  support  for  RF,  baseband  & 
audio  applies  for  wireless  com¬ 
munication  products  such  as 
CDMA,  GSM/GPRS/EDGE 

handsets,  data  modems,  refer¬ 
ence  dsgns  &  evaluation  plat¬ 
forms;  schematic  &  PCB  layout 
dsgn;  dsgn  of  Rx,  Tx  &  PLL  RF 
circuitry,  user  interface,  periph¬ 
eral  control,  radio  interface  cir¬ 
cuitry,  &  audio  circuitry;  dvlp  test 
s/ware  for  high-volume  factory 
test  using  C,  Teststand  & 
Labview  tools;  installation,  opti¬ 
mization,  support  of  test  systms 
in  mfg  facilities;  &  analysis  of 
factory  test  data  &  processes  to 
identify  &  resolve  factory  test 
issues.  Reqs  Bach  or  equiv  in 
Electrical  Engg  or  related  field.  5 
yrs  exp  in  job  offd  or  5  yrs  exp  in 
h/ware  or  radio  frequency  engg 
&  dsgn.  Respond  to  HR  Mgr, 
Job  Code  #HWMGR-IT, 

Elektrobit  Inc.,  11121  Willows  Rd 
NE,  Ste  200,  Redmond,  WA 
98052. 

BCCUSA  Inc  -  South  Portland, 
ME  needs  experienced  Pro¬ 
grammer  Analysts  having  a 
Bachelors  Degree  with  minimum 
two  years  of  progressive  experi¬ 
ence  in  J2EE  architecture  with 
understanding  of  Enterprise 
System  and  Application  archi¬ 
tecture.  Must  also  possess 
knowledge  of  RUP  &  UML 
methodology,  Requisite  Pro, 
Rational  Rose,  Rational  Clear 
Quest,  Rational  Clear  Case,  MS 
Visio,  MS  Project,  JAD  sessions, 
Winrunner,  and  Loadrunner. 
Competitive  salary  and  bene- 
fits.M-F,  40  hours/week.Please 
mail  your  resume  to  BCCUSA 
Inc.,  HR  Dept,  650Main  Street 
Ste  201,  South  Portland,  ME- 
04106. 

Assistant  Mgrs.  of  Operations 
needed.  Seeking  qual.  candi¬ 
dates  possessing  MS  or 
equiv.  &/or  rel.  work  exp.  Part 
of  req.  rel.  work  exp.  must 
include  1  yr  working  in  client 
support  to  resolve  customer 
IT  issues  &  working  w/  SQL 
Server.  Duties  include:  ana¬ 
lyze  business  processes  - 
implement  IT  solutions,  work¬ 
ing  w/  Oracle.  Fwd.  resume  & 
ref.  &  salary  req.  to  TRRS 
Imaging  (USA),  Inc.,  Attn: 
HR,  200  Middlesex  Essex 
Tpk,  #300,  Iselin,  NJ  08830. 

i 


Seeking  qualified  applicants  for 
the  following  positions  in  Mem¬ 
phis,  TN:  Senior  Systems  Pro¬ 
grammer.  Devise  procedures  to 
solve  complex  systems  and 
applications  problems.  Require¬ 
ments:  Bachelor's  degree  or 
equivalent*  in  computer  science, 
MIS,  engineering  or  related  field 
plus  5  years  of  experience  in 
systems  programming.  Experi¬ 
ence  with  UNIX,  C  and  logistics 
code  development  also  re¬ 
quired.  ‘Master's  degree  in  ap¬ 
propriate  field  will  offset  2  years 
of  general  experience.  Submit 
resumes  to  Virginia  Laster, 
FedEx  Corporate  Services, 
2847  Business  Park,  Bldg  J, 
Memphis,  TN  38118-2831.  EOE 
M/F/D/V. 


IT  Application  Analyst  -  Lead.  BS 
in  comp  sci  or  related  field;  exp 
in  Object  Oriented  Analysis  & 
Dsgn  &  knowl  of  Java  &  J2EE 
envrmt  (Servlets,  EJB,  JDBC, 
JSPs,  JavaScript,  HTML),  Struts 
Framework,  XML/XSL,  MQ- 
Series,  SQL,  DB2,  Websphere 
5.0,  COBOL,  exp.  working  in 
Mainframe  Envrmt.  Demon¬ 
strated  communication  skills, 
knowl  of  insurance  &  fin'l  ser¬ 
vices,  willing  to  travel  &  do  on- 
call  support.  Resume  &  cvr  Itr  to: 
Jennifer  Schwartz,  HR,  711  High 
St.,  Des  Moines,  IA  50392-0550. 
Please  refer  to  specific  Job  # 
ACW23175, 


Network  and  Data  Comm¬ 
unications  Analyst  sought 
by  Amplidyne,  Inc.,  a 
Telecom  Network  Solutions 
company.  BS  in  Comp. 
Science/Electronics  Eng.  or 
a  related  field  with  5  yrs. 
exp.  Respond  by  resume  to 
HR  Dept.,  16075  E.  32nd 
Avenue,  Unit  A,  Aurora,  CO 
80111-1529 


Senior  Account  Manager  wanted 
to  source  and  support  new  tech¬ 
nical  business  development 
opportunities.  Must  have 
Bachelor's  degree  in  Electrical 
Engineering,  Computer  Science 
or  related  field  and  4  years 
experience  in  corporate  sales  in 
the  software  services  industry, 
including  2  years  experience 
with  project  management  and 
software  development.  Send 
resume  to  Hilary  Gosselin, 
Human  Resources  Manager, 
Lionbridge  Technologies,  Inc., 
492  Old  Connecticut  Path, 
Framingham,  MA01701. 


Applications  Engineer  needed 
to  dsgn  &  dvlp  s/ware  for  tele¬ 
com  interoffice,  narrow/broad 
band  provisioning  using 
Enterprise  Architect  CEM, 
Tuxedo,  C++,  Unix,  Java, 
J2EE,  XML,  XSLT,  Informix, 
Oracle;  dsgn  &  dvlp  interfaces 
for  OS  &  GUI  using  Java 
Swing,  JSP,  EJB,  XHTML, 
SVG  &  WebLogic.  Apply  to: 
Global  Consultants,  Attn: 
Hireme,  8800  Grand  Oaks  Cir 
#100,  Tampa,  FL  33637. 


Computers:  Programmer/ 
Analysts  needed.  Seeking 
qual.  candidates  possess¬ 
ing  BS  or  equiv.  and/or  rel. 
work  exp.  Duties  include: 
Work  with  3  of  the  follow¬ 
ing:  Visual  Basic,  Java, 
Oracle,  SQL  Server, 
UNIX.  Fwd.  resume  &  ref. 
to:  Aequor  Technologies, 
Inc.,  Attn:  HR,  Colonial 
Center,  1500  2nd  Ave.  SE, 
Suite  #105,  Cedar  Rapids, 
IA  52403. 


Computer  Professionals,  Prod¬ 
uct  Engineers  wanted  by  TAC 
Automotive  to  design  &  develop 
converter-Clutch  Control,  torque 
converters  using  CAE,  AutoCAD 
tools.  Must  have  System  or 
Computer  engineering  degree 
with  exp.  Please  send  resumes 
to:  jobs@tacautomotive.com. 
EOE.  No  calls. 

Systems  People  seeks  prog, 
analysts,  software  engineers, 
DBAs  to  design  customized 
applications  to  meet  client's 
needs.  Travel  maybe  required. 
Min  requirement  is  BS/MS  with 
IT  exp.  Competitive  wage  with 
full  benefits,  sponsor  H/Green 
Card.  Contact:  jobs@systems- 
people.com.  EOE. 


Software  Engineer  (Huntsville, 
Alabama)  -  Jaya  application  pro¬ 
grammer  responsible  for  devel¬ 
opment,  integration,  and  testing 
of  telecommunication  products 
into  a  distributed,  multi-client, 
multi-server  Element  Manage¬ 
ment  System.  Must  have  a 
Bachelor  degree  or  foreign 
degree  equivalent  in  Electrical 
Engineering  or  Computer  Engin¬ 
eering.  Education  or  work  back¬ 
ground  must  include  one  year  of 
experience  in  Java  application 
programming.  Must  have  legal 
authority  to  work  in  U.S.  Send 
resume  to  D.  Tober  (REF:SE), 
ADTRAN,  901  Explorer  Blvd., 
Huntsville,  AL  35806. 


Programmer  Analyst  needed 
w/Bachelors  degree  or  Foreign 
Equivalent  in  Engg.  or  Comp. 
Scie.  or  Math  &  2  yrs.  exp  to 
analyze  &  design  Entity  & 
Functional  Models  using  Oracle 
Designer.  Create  &  test  Java 
programs  that  interact  wth 
Oracle  Database  using  JDBC  & 
JSERVER.  Create  applications 
using  Oracle  Workflow.  Create  & 
test  voice  applications  using 
VoiceXML  &  Voice  Grammars 
using  Nuance  Grammar  Builder. 
Develop  custom  reports  using 
JReports.  Implement  &  maintain 
Data  Exchange  using 
MQSeries.  Mail  resumes  to: 
Bhrigus  Inc.,  (Ref  #001)  Cantera 
Center,  4320  Winfield  Road, 
Suite  200,  Warrenville,  IL  60555. 


Software  Developer 

To  develop  applications  for  a 
variety  of  educational  systems 
and  business  applications  using 
Asp/Asp.NET,  C++,  C#  and  VB6 
and  using  MS  Visual  Studio  as 
coding  environment.  Req.  MS 
degree  in  Comp.  Sci.,  Info. 
Mgmt  or  other  related  field, 
familiarity  with  double-byte  char¬ 
acter  sets/Unicode  for  Asian  lan¬ 
guage-based  application  inter¬ 
faces,  and  profic.  in  Asp / 
Asp.NET,  C++,  C#  and  Visual 
Studio.  40hrs/wk.  Send  resume 
&  cover  letter  to  Fred  Ferguson, 
Curriculum  Associates,  Inc., 
P.O.  Box  2001,  N.  Billerica,  MA 
01862-9914  Fax:  (978)  663- 
0521. 
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Programmer  Analyst  needed 
w/2  yrs  exp  to  analyze,  design, 
develop  and  debug  the  code  for 
n-tier  multi  channel  (web  & 
voice)  system  using  VoiceXML, 
XSL,  Java.  J2EE  &  XML.  Test  & 
deploy  the  voice  applications  on 
Tellme  platforms.  Build  the  secu¬ 
rity  applications  using  RSA 
encryption  &  SOAP  web  ser¬ 
vices.  Build  Java  GUI  applica¬ 
tions  using  Java  Swing  APIs, 
JAXP  &  Xalan.  Mail  resumes  to: 
Bhrigus  Inc.  (Ref  #002)  Cantera 
Center,  4320  Winfield  Road, 
Suite  200,  Warrenville,  IL  60555. 


COMPUTERS 

Product  Verification  Engineer 
needed  to  plan  &  conduct  sys¬ 
tem  tests  and  analyze/config¬ 
ure/test  L1-L3  network  protocols 
in  support  of  product  develpmt  in 
Raleigh  NC.  Req's  MS+3  yr. 
experience  or  BS+5.  Exp  must 
include:  UNIX;  network  hard¬ 
ware  &  OS;  automated  test 
infrastructure;  analysis,  config¬ 
uring  &  testing  OSI  L1-L3  proto¬ 
cols;  Shell/CGI/Tcl  scripting; 
Java  &  C/C++  programming. 
Principals  only.  Mail  resume  to 
C.  Cocchiarella/Re:AT,  Spirent 
Communications,  26750  Agoura 
Road,  Calabasas,  CA  91302. 
EOE. 


System  Engineer  w/  2  yrs 
exp  to  design,  configure  & 
implement  s/w  applica¬ 
tions  using  HP  Open  View 
Suite,  Spectrum  network 
management;  configure 
Cisco  routers  &  switches 
using  Cisco  works.  Set  up 
IP  protocols  with  SNMP  & 
MIB,  MS  -  SQL  &  Oracle 
database  on  Sun  Solaris, 
HP  Unix  &  Windows.  Mail 
res.  to:  Compulnfo,  1119- 
ID,  Crab  Orchard  Drive, 
Raleigh,  NC  27606. 


The  World  Of  Work  Is 
Changing  Every  Week. 


Luckily,  We  Are  Too! 


Search  for  jobs  and 
post  your  resume  here 
on  www.itcareers.com 


IT 


careers.com 


F/T  Software  Engineer.  Respon¬ 
sible  for  designing,  developing, 
enhancing,  and  maintaining  Net¬ 
work  Server  Management  Soft¬ 
ware  Components  using  various 
operating  systems  and  comput¬ 
er  networking  technologies.  De¬ 
sign  and  analyze  the  software 
components  for  various  comput¬ 
er  organizations  using  various 
data  structures,  database  man¬ 
agement,  and  distributed  com¬ 
puting  techniques.  Coding  soft¬ 
ware  components  using  both 
assembler  level  and  higher  level 
languages.  Develop  user  inter¬ 
face  using  e-commerce  con¬ 
cepts.  Follow  Software  Engin¬ 
eering  procedures  throughout 
life  cycle  of  development.  Must 
have  a  Masters  degree  in 
Computer  Science  and  Engine¬ 
ering,  related  field  or  foreign 
degree  equivalent.  Educational 
background  must  have  included 
Data  Structures  and  Algorithms, 
Computer  Organization,  Distri¬ 
buted  Computing,  Operating 
Systems,  Computer  Networks, 
Software  Engineering,  Database 
Management  Systems,  Higher 
Level  Language  Lab,  Assembler 
Level  Language  Lab,  E- 
Commerce.  Salary:  Competitive. 
Send  resume  to:  Srivatsan 
Ramachandran,  A.M.I.,  6145-F 
Northbelt  Parkway,  Norcross, 
GA  30071. 

Computer  Professionals 

(Multiple  Openings)  Software 
Engineer,  Programmer  Analyst, 
Database  Analyst,  Systems 
Analyst,  Administration/Network 
Administrator.  Positions  offered 
require  the  minimum  of  a  four- 
year  Bachelor  Degree  or  a  for¬ 
eign  degree  determined  to  be 
the  U.S.  Equivalent  to  a 
Bachelor's  Degree;  also  require 
a  minimum  of  one  year  experi¬ 
ence  in  one  or  more  of  the  fol¬ 
lowing:  Oracle,  Microsfot.NET, 
C,  C++,  Crystal  Reports, 
Sybase,  DB2,  Visual  Basic,  MS 
DOS,  COBOL,  VB.NET,  MS 
Access,  SQL  Server,  COGNOS, 
Micro  Strategy,  PowerBuilder, 
VC++,  JAVA,  XML,  ASP,  HTML, 
Unix  Network  Programming. 
Extensive  Travel  and/or  reloca¬ 
tion.  Attractive  compensation 
package.  Mail  your  resumes  to: 
Human  Resource  Director, 
American  Solution,  Inc.,  100 
Commerce  Drive,  Ste.  103, 
Newark,  DE  19713. 

UNIX  Systems 
Administrator  (NYC) 

Software  Company  located  in 
Lower  Manhattan  seeks  a  UNIX 
Systems  Administrator 

The  following  are  the  main 
responsibilities: 

•  Analyze  &  evaluate  user 
needs; 

•  Design  &  configure  systems; 

•  Implement,  test  &  write  scripts 
as  needed  to  ensure 
system/network  performance; 

•  Write  &  execute  scripts,  main¬ 
taining  library  of  test  scripts  & 
creating  overall  testing  infra¬ 
structure. 

•  Perform  hardware  install  and 
maintenance. Requirements: 

•  BS  in  Engineering/Computer 
Science 

•  1  year  experience  as  a  UNIX 
System  Administrator 

•  Shell  Programming  -  Korn, 
Bourne,  csh  and  perl, 

•  Familiarity  with  Solaris  and 
Linux  operating  systems. 

•  Must  be  familiar  with  the  Sun 
enterprise  class  servers. 

•  Must  be  familiar  with  Intel 
based  servers. 

•  Should  be  familiar  with  UNIX 
security. 

Apply  to:  Royalblue  Financial 
Corp.,  17  State  Street,  New 
York,  NY  10004,  Attn:  CTM-WC. 

Programmer  Analysts  needed. 
Duties:  Perform  process  re-engi¬ 
neering  and  improvement.  Gath¬ 
er  and  evaluate  requirements, 
translate  business  requirements 
and  prepare  technical  specifica¬ 
tions.  Provide  system  develop¬ 
ment  initiatives  and  complex 
reporting  and  analysis  to  sup¬ 
port  various  functions.  Devise, 
develop  and  test  applications 
using  appropriate  end  user  tools 
such  as  PCSAS,  COGNOS  and 
SQL.  Validate  data  integrity  by 
ensuring  timely  maintenance, 
updates,  code  sets,  procedure 
and  diagnosis  codes.  Work  with 
Teradata  and  Oracle  databases 
on  Unix  platform.  Install  pro¬ 
grams  and  procedures.  Perform 
complex  data  mapping,  data 
mining,  data  extraction  and 
manipulation.  Travel  to  set  up 
systems,  interact  with  clients 
and  train  users  at  various  loca¬ 
tions  for  different  short  and  long 
term  projects.  Req:  BS  or  equiv 
in  Comp  Sci.  Engg,  Math  or 
related  &  2  yrs  in  the  job  offered 
or  2  yrs  as  a  comp  prof.  Experi¬ 
ence  must  include  2  yrs  working 
w/PCSAS,  Teradata  and  COG¬ 
NOS.  Sev.  Pos.  avail.  Sal. 
$44,400.00/yr,  40  hrs/wk, 

8:OOAM-5:OOPM  Send  resume 
to  PA  Career  Link/Job  Service: 
Site  Manager,  Beaver  County 
CareerLink,  2103  Ninth  Avenue, 
Beaver  Falls,  PA  15010-3957, 
Reference  Job  Order  No.  WEB 
472887. 

Sr.  Software  Engineer  wanted  to 
mng.  software  dvlpmt.  projs.  for 
n-tier,  web-based  CRM  apps.  for 
use  by  the  invest,  mngmt.  & 
energy  indust.  Must  have  B.S. 
deg.  in  Comp.  Sc.,  Eng.  or  relat¬ 
ed  field  &  min.  3  yrs.  exper. 
developing  n-tier,  web-based 
apps.  using  Microsoft.NET 
framework  (including  ASP.NET, 
Visual  C#.NET  &  Visual 
Basic.NET),  XML  &  Web 
Services,  COM/ActiveX  compo¬ 
nents,  incl.  COM+  &  SQL  pro¬ 
gramming  +  object-oriented 
analysis,  design  &  programming 
exper.,  incl.  UML,  &  exper. 
developing  &  integrating  CRM 
apps.  &  developing  commercial 
apps.  Send  resume  to  Steven 
Nothern,  CFO,  Satuit  Techn¬ 
ologies,  Inc.,  80  Washington  St., 
Unit  M-50,  Norwell,  MA  02061. 

Statistical  Modeling  Analyst, 
Wachovia  Corp.,  Charlotte,  NC. 
Design,  dev.,  implement  analyti¬ 
cal  programs,  algorithms  A  scor¬ 
ing  models  re:  predicting  cus¬ 
tomer  behavior,  profitability, 
market  drivers,  product  ID,  & 
marketing  campaigns.  Reqs.  BA 
in  Math  or  Stats.  2  yrs.  exp.  in 
pos.  offered  or  as  a  Stat.  Progra¬ 
mmer  Analyst,  TA,  or  Software 
Dvlp.  The  2  yrs  exp.  must  incl. 
bldg.  adv.  quant,  models  using 
algorithms  &  scoring  models, 
conducting  stat.  analysis  using 
SAS,  SPSS  or  similar  tools  pre¬ 
dicting  customer  behavior  based 
on  large  quantitites  of  data.  1  yr. 
exp.  must  ind.  defining  &  as¬ 
sessing  marketing  strategies  in 
a  financial  instit.  M-F,  8-5,  Send 
resume  to  Beth  Shook,  Wacho¬ 
via  Corp.,  1 525  West  W.T.  Harris 
Blvd.,  NC0134,  Charlotte,  NC 
28262-0134.  No  phone  calls. 

F/T  Research  Software  Engine¬ 
er  for  NM  location.  Responsible 
for  performing  database  design, 
system  configuration,  data  con¬ 
version  planning,  application  de¬ 
sign  and  development,  docu¬ 
mentation  development,  and 
application  and  system  training. 
Configure  hardware,  software, 
and  network  components  of  GIS 
and  LIDAR  systems.  Assist  cli¬ 
ents  in  developing  practical  pro¬ 
grams  that  maximize  the  bene¬ 
fits  of  their  GIS  investment.  An¬ 
alyze  clients'  system  operations 
to  determine  opportunities  for 
increasing  production  efficiency. 
Must  have  a  Master's  degree 
Computer  Science,  related  field, 
or  foreign  degree  equivalent. 
Must  have  2  yrs.  of  exp.  in  job 
offered  or  a  position  w/  same 
duties.  Salary:  Competitive. 
Send  resumes  to:  Sheila  Seals. 
Spectrum  Mapping.  LLC,  Ref: 
222,  28969  Information  Lane, 
Easton,  MD  21601. 

PROG.  ANALYST  - 
ORACLE  APPLNS 

Perform  analysis,  dsgn  &  imple¬ 
mentation  on  Oracle  applns  sys. 
software  incl.  quality  assurance, 
production  support,  documenta¬ 
tion  &  testing  for  Enterprise 
Resource  Planning  projects.  MS 
in  Comp.  Sci.  or  Electrical  or 
Electronics  Engnrg  +  2  yrs  exp. 
in  job  offered  or  as  a  Software 
Engnr  -  Oracle  Applns.  Exp. 
must  incl.  Oracle  applns.  C, 
C++,  PL/SQL,  OOAD  &  UML. 
High  mobility  preferred.  40 
hrs/wk,  OT  as  reqd,  8  am  -  5pm, 
$66,730/yr.  Submit  resume  to: 
Manager,  Butler  County  Career- 
Link,  Pullman  Conference  Cen¬ 
ter,  112  Hollywood  Drive,  Suite 
101,  Butler,  PA  16001-5699. 
Refer  to  Job  Order  No.  WEB 
474249. 

Software  Engineers  to  lead 
teams  to  analyze,  design,  devel¬ 
op  client/server,  web  appls  in 
ASP,  XML.  ActiveX  Controls, 
VB,  ASP.NET,  VB.Net,  ADO. Net, 
HTML,  Oracle,  SQL  Server, 
Windows  etc;  create  complex 
business  components  using 
COM  dynamic  link  libraries  and 
implement  them  in  multi-tier  en- 
vir  using  MS  Transaction  Server; 
trouble  shoot  software/hardware 
problems;  interact  between  pro¬ 
ject  members,  vendors,  custom¬ 
ers  and  recommend  hardware/ 
software  upgrades;  provide  trai¬ 
ning  to  end  users,  team  mem¬ 
bers.  Require:  MS  in  CS/Engg 
(any  branch)  &  3  yrs  exp  in  job 
offered  or  a  BS  or  foreign  equiv 
in  CS/Engineering  &  5  yrs  of 
progressive  exp  in  IT.  Travel 
Involved.  Comp. Salary  F/T. 
Resumes:  HR,  Synergy  Ameri¬ 
ca,  Inc.,  6340  Sugarloaf  Park¬ 
way,  Ste  140,  Duluth,  GA30097, 

F/T  Computer  Programmer.  Re¬ 
sponsible  for  analyze,  review, 
modify  and  implement  new  and 
existing  programs  using  iSeries, 
AS/400  systems,  and  RPG/400, 
Delphi  and  Java  programming 
Languages.  Develop  specifica¬ 
tions  using  systems  analysis. 
Adapt  programs  to  new  require¬ 
ments  and  monitor  their  perfor¬ 
mance.  Must  have  a  Bachelor's 
degree  in  Computer  Science, 
Electronic  Engineering,  related 
field  or  foreign  degree  equiva¬ 
lent.  Must  have  3  yrs.  of  exp.  in 
job  offered  or  a  position  w /  same 
duties.  Salary:  Competitive. 
Send  resume  to:  C.  Lesker, 
Datatex  TIS,  Inc.,  11810  North- 
fall  LN,  Bldg.  1203,  Alpharetta, 
GA  30004. 

Programmer  Analysts  to  ana¬ 
lyze,  design  web  appls  using 
Java,  VB,  Java  Script,  VBScript, 
HTML,  DHTML,  ASP,  PHP, 
Access,  Oracle,  SQL  Server, 
Dreamweaver,  Active  X,  IIS 
under  Windows,  UNIX  OS;  gen¬ 
erate  batch  reports;  conduct 
user  req/feasibility  studies  & 
systems  analysis;  maintain,  doc¬ 
ument,  support,  test  and  debug 
appls.  Require:  B.S.  or  foreign 
equiv  in  CS/Engg(any  branch) 
with  2  yrs  exp  in  web  based 
appls.  High  Salary.  F/T.  Travel 
involved.  Resume  to:  HR,  Salem 
Associates,  Inc.,  405,  6th  Ave„ 
Ste102,  Des  Moines,  IA50309 

Software  Developer,  under  sup¬ 
ervision,  will  develop,  test  and 
implement  client-server  web 
based  applications  using  Com, 
MSMQ,  C,  C++,  Pl/Sql,  HTML, 
Visual  Basic,  Windows  95.  VB¬ 
Script,  JavaScript,  Cobol,  Net¬ 
work  technologies  and  Oracle. 
Will  be  responsible  for  complete 
life  cycle  of  the  project.  40 
hrs/week,  Mon-Fri,  8am  to  5pm. 
Bachelor's  Degree,  one  year  &  6 
months  experience  required. 
Competitive  salary.  Send  res¬ 
ume  to  Manager,  Yetma  Invest¬ 
ment  Ltd,,  5001  W.  Fond  du  Lac 
Ave„  Milwaukee,  Wl  53216. 
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Proofpoint’s  modules  work  with 
its  Protection  Server  software  and 
Messaging  Security  Gateway  appli¬ 
ance.  The  Content  Compliance 
module  helps  organizations  en¬ 
force  policies  regarding  the  type 
of  information  that  can  be  sent 
outside  the  company  as  well  as  file 
attachment  types  and  sizes,  says 
Andres  Kohn,  director  of  products 
with  Proofpoint.The  module  scans 
outgoing  e-mail  and  stops  mes¬ 
sages  that  violate  policies  defined 
by  a  set  of  logical  rules  that  each 
company  establishes. 

Content  Compliance  will  be¬ 
come  a  standard  part  of  Protec¬ 
tion  Server,  which  costs  between 
$2  and  $20  per  user,  per  year, 
depending  the  number  of  users. 

The  Digital  Asset  Security  mod¬ 
ule,  also  designed  to  protect  confi¬ 
dential  information,  leverages 
Proofpoint’s  MLX  message  classifi¬ 
cation  techniques  found  in  its  anti¬ 
spam  filters  to  analyze  a  compa¬ 
ny’s  classified  documents  and  then  scan  outgoing  mail  to  look  for  a 
match. Flagged  messages  can  be  blocked, quarantined  or  encrypted  by 
third-party  software,  depending  on  a  company’s  preference,  Kohn  says. 
The  module  will  cost  between  $4  and  $40  per  user,  per  year. 

The  third  module,  called  Proofpoint  Regulatory  Compliance,  helps 
organizations  comply  with  federal  regulations,  such  as  the  Health 
Insurance  Portability  and  Accountability  Act.  It  scans  for  content 
deemed  “non-public”  by  checking  against  a  dictionary  of  keywords.The 
module  will  cost  between  $2  and  $20  per  user,  per  year. 

IronBort’s  upgraded  Reputation  Filters  are  designed  to  stop  spam  be¬ 
fore  it  traverses  the  Internet, says  Peter  Schlampp, senior  director  of  prod¬ 
uct  management.  IronPort  estimates  more  than  70%  of  spam  comes 
from  large  ISPs  that  offer  broadband  services  to  consumers  whose  PCs 
are  hijacked  by  zombies,  programs  that  turn  PCs  into  spam  servers. 

The  upgraded  Reputation  Filters  scan  an  ISP’s  outgoing  mail  stream 
looking  for  telltale  signs  of  spam  activity, such  as  an  IP  address  that  sud¬ 
denly  sends  excessive  amounts  of  mail,  and  blocking  it  accordingly 

While  IronPort  says  this  feature  will  benefit  its  ISP  customers,  it  also 
will  help  enterprise  network  shops  identify  PCs  that  have  been  taken 
over  by  zombie  programs  and  shut  them  down. 

The  upgraded  reputation  filter  is  free  to  customers  of  IronPort’s 
C-Series  appliances,  which  are  priced  starting  at  $9,950.  ■ 


Shaken  or  stirred? 

Scanning  outbound 
messages  is  the  latest 
addition  to  what  vendors 
refer  to  as  the  “cocktail” 
approach  to  fighting 
spam.  Other  ingredients 
can  include: 


Bayesian  filters. 

Blacklists  and  whitelists 
of  known  spam  sources 
and  valid  senders, 
accordingly. 

Content  and  URL  scanning. 
Heuristics. 

Message  fingerprinting, 
digital  signatures  or  other 
pattern-detection 
technology. 

Reputation  services  that 
rate  IP  addresses. 

Sender  authentication. 
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VPNs 

continued  from  page  1 

those  costs  can  plummet.  “Com¬ 
pare  that  with  $45  a  month  aver¬ 
age  per  site  for  DSL  connections 
and  the  upfront  cost  —  anywhere 
from  $350  to  $1,295  [per  site]  of 
the  VPN  hardware,”  he  says. 

Even  with  these  big  savings  in 
mind,  businesses  have  to  keep  in 
mind  that  VPNs  are  full  of  cost 
“gotchas.” 

Lancet  Technology  a  medical 
software  company  in  Boston,  in 
the  past  has  created  VPN  connec¬ 
tions  with  its  business  partners 
using  Cisco  and  Nortel  VPN 
clients,  says  Kevin  Mulligan,  CIO 
of  the  firm.  But  the  clients  are 
tricky  to  configure  and  the  part¬ 
ners  generally  don’t  have  experi¬ 
ence  with  them. 

Plus,  the  VPNs  require  reconfig¬ 
uring  firewalls  so  VPN  traffic  can 
pass  through,  which  winds  up 
costing  Lancet  time  on  the  phone 
to  help  out. 

“We  had  more  headaches  with 
them,”  Mulligan  says.  He  had  to 
spend  a  lot  of  time  negotiating 
with  partners  to  get  them  to  agree 
to  the  VPN  in  the  first  place,  the 
major  objection  being  that  fire¬ 
wall  reconfiguration  goes  against 
their  corporate  policies. 

Similarly,  being  on  the  receiving 
end  of  such  a  proposal  and  join¬ 
ing  a  partner’s  existing  VPN  can 
tie  up  valuable  time,  he  says, 
which  again  translates  into 
expense. 

Customers  trying  to  comply 
with  requests  to  use  the  same 
client  ran  into  trouble,  creating 
more  work  for  Lancet,  Mulligan 
says.They  would  call  us,  and  we 
would  call  Cisco  technical  sup¬ 
port,  and  six  hours  later  we  might 
resolve  it,”  he  says,  but  by  then  the 
day  was  shot.  Instead  the  firm  has 
switched  to  a  managed  SSL 
remote-access  service  that 
requires  no  client  and  no  firewall 
reconfiguration. 

Even  when  VPNs  are  success¬ 
ful,  their  very  success  can  cut  in 
on  expected  savings,  says  Dan 
King,  network  administrator  for 
The  Mental  Health  Center  of 
Greater  Manchester,  N.H.  He 
replaced  point-to-point  T-l  lines 
from  four  satellite  offices  to  the 
main  office  with  a  SonicWall 
IPSec  VPN.  The  switch  saved 
enough  money  to  give  a  fifth, 
unconnected  office  an  ISDN- 
based  DSL  line.  But  the  new  con¬ 
nections  gave  each  office  its 
own  Internet  access,  meaning 
Internet  traffic  was  no  longer 
funneled  through  the  lone  Inter¬ 
net  connection  at  the  main  site. 
These  new  connections  also  pro¬ 


Avoid  VPN  surprises 

Careful  planning  can  help  businesses  avoid  unexpected 
VPN  expenses.  Some  areas  to  consider: 

Authorization  risks 

Does  the  VPN  restrict  user's  access  once 
they  have  cleared  the  firewall? 

Support 

Client  software  updates  and  increased  help 
desk  calls  can  sap  savings. 

Bandwidth 

VPNs  can  be  so  popular  that  they  force 
customers  to  increase  Internet-access 
bandwidth  to  keep  up. 

Best  fit 

Test  gear  in  actual  use  to  find  unforeseen 
shortcomings  and  expenses. 

Upgrades 

Be  prepared  for  potential  expensive  upgrades 
and  overhauls  as  the  technology  evolves. 

vided  faster  downloads,  a  perfor¬ 
mance  boost  that  resulted  in 
more  use.  And  when  he  was 
offered  a  price  reduction  on  his 
768K  bit/sec  DSL  lines  or  an 
increase  in  bandwidth  to  1,024K 
bit/sec,  he  gave  up  the  savings 
for  the  bandwidth. 

Customers  should  check  out 
proposed  VPNs  in  all  their  prob¬ 
able  uses  before  committing  to 
them, says  Tony  McCafferty,  direc¬ 
tor  of  IT  for  Hualalai  Resort  in 
Kailua  Kona,  Hawaii.  It  can  elim¬ 
inate  a  lot  of  costly  swapping,  he 
says. 

The  resort  needed  remote 
access  for  traveling  executives, 
and  he  believed  an  IPSec  VPN 
was  the  way  to  go.  Initially  Check 
Point’s  Secure  Remote  clients 
were  installed  in  company  lap¬ 
tops,  which  worked  well  much  of 
the  time.  But  at  hotels  and  at  busi¬ 
ness  partner  sites,  there  were 
problems  crossing  firewalls,  re¬ 
sulting  in  calls  for  help. 

SSL  remote 

McCafferty  decided  to  try  SSL 
remote  access  because  it  re¬ 
quired  no  special  firewall  config¬ 
uration.  The  gear  he  bought 
though,  made  by  Aventail.was  too 
complex  to  get  running  properly 

“The  unexpected  cost  on  our 
part  was  trying  to  troubleshoot,” 
he  says.  Software  upgrades  and 
even  having  the  company  ship 
him  a  configured  unit  didn’t 
solve  the  basic  problem  of  get¬ 
ting  it  to  work  with  Outlook  Web 
Access. 

After  about  nine  months  of  try¬ 
ing  he  gave  up  and  bought  an 
SSL  gateway  from  Enkoo,  a  ven¬ 
dor  that  designed  its  gear  to  be 
easy  to  set  up.  The  gateway 
lacked  features  of  other  SSL  gear, 
but  it  had  enough  to  meet 
Hualalai’s  needs,  he  says.  He  only 
recently  turned  off  the  Check 
Point  gear.“We  had  so  much  trou¬ 
ble  getting  the  Aventail  up  and 
running  we  couldn’t  get  rid  of 
the  IPSec  altogether]’  McCafferty 
says. 


When  customers  buy  VPN  gear, 
they  have  to  accept  that  it  is 
more  equipment  on  their  net¬ 
work  that  requires  maintenance. 
“When  you  buy  security  gear, you 
are  constantly  installing  updates 
and  patches,”  says  Robert 
Whiteley,  a  VPN  analyst  with 
Forrester  Research,  and  that  can 
mean  a  big  investment  in  time.“If 
you’re  an  enterprise  worth  your 
salt,  you’re  going  to  test  [the 
updates]  first.” 

VPN  gear  also  can  carry  periph¬ 
eral  expenses,  Whiteley  says. 
Securing  VPNs  might  involve 
authenticating  remote  users  with 
digital  certificates,  another  invest¬ 
ment  in  time  and  education.  “It 
means  managing  digital  certifi¬ 
cates  and  making  sure  they  are 
properly  deployed,”  he  says. 

Businesses  also  face  the  cost  of 
upgrading  as  technologies  im¬ 
prove,  says  Desmond  Lee,  VPN 
project  manager  for  group  IT 
infrastructure  and  operations  at 
PartnerRe,  an  international  re¬ 
insurance  company  in  Ber¬ 
muda. 

The  company  has  decided  to 
forego  an  upgrade  of  its  IPSec 
VPN  equipment  from  Check  Point 
because  it  requires  replacing  gear 
at  15  sites.  Instead,  it  is  switching  to 
just  three  SSL  remote-access  gate¬ 
ways  from  Juniper. 

SSL  requires  less  equipment, 
and  it  comes  with  software  to 
check  the  security  of  the  remote 
machines,  something  that  would 
have  meant  an  upgrade  with 
Check  Point,  Lee  says.  6 


More  online!: 
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BackSpin 


Mark  Gibbs 


Our  second  Thanksgiving  Golden  Turkey  Awards 


everal  years  ago  (1996  actually) 
I  offered  for  your  delectation 
the  Gibbs  Institutes  First 
Thanksgiving  Golden  Turkey  Award. 
Having  skipped  this  event  for  the  last 
eight  years.it  is  time,  once  again,  to 
roll  out  the  red  carpet,  polish  the 
manacles  and  oil  up  the  whips. 

Back  then  I  noted  that  our  industry  has  a  novel 
combination  of  hype,  hyperbole,  misrepresentation, 
obfuscation,  innuendo  and  silliness  hanging  on  to 
the  coattails  of  the  most  important  business  and  cul¬ 
tural  transformation  in  the  history  of  business. 

So  the  Gibbs  Institute’s  Thanksgiving  Golden  Turkey 
is  a  way  to  spotlight  the  individuals,  companies  or 
entities  that  don’t,  won’t  or  can’t  come  to  grips  with 
reality  maturity  ethical  behavior  or  social  responsi¬ 
bility  because  of  their  blindness,  self-imposed  igno¬ 
rance,  thinly  veiled  political  agenda  or  blatant  desire 
to  return  us  to  the  Dark  Ages. 

Contender  1:  The  SCO  Group.  Will  it  never  go 
away?  Frequent  readers  of  this  column  will  know  my 
take  on  SCO’s  business  practices  and  ethics. 

Contender  2:  The  FCC.  Forget  the  crazy  $500,000 
fine  for  Janet  Jackson’s  “wardrobe  malfunction.” 
Following  the  pathetic  ABC  lead-in  segment  to  Mon¬ 
day  Night  Football  last  week  (see  www.gibbs.com/ 
stuff)  the  FCC  chairman  said  on  CNBC  that  “the  net¬ 


works  seem  determined  to  ‘keep  it  hot  and  steamy’ 
for  financial  returns.”  If  the  FCC  has  so  much  time  to 
burn  that  it  can  worry  about  sillinesses  such  as 
Jackson’s  wardrobe  and  ABC’s  trailers  we  need  to 
ask  why  it  exists. 

Contender  3:  Everyone  who  has  a  mail  server  that 
sends  non-delivery  notifications.  Please,  please, 
please  switch  that  feature  off.  Some  spammer  is 
using  my  server  details  to  forge  email  headers  and 
I’m  receiving  100  bounces  or  more  each  day 

Contendor4:  CompUSA.  As  ever,  good  selection 
and  prices  along  with  poorly  trained,  inconsiderate 
staff.  Remind  me  to  tell  you  just  why  it  took  them  an 
hour  to  sort  out  why  my  brand-new  motherboard 
box  didn’t  contain  a  brand-new  motherboard. 

Contender  5:  AT&T  Wireless  (now  Cingular).  Its 
patchy  cell  service  is  annoying  but  what  the  compa¬ 
ny  thinks  is  customer  service  takes  anger  to  a  whole 
new  dimension.  It  took  me  85  minutes  last  week  to 
get  my  son’s  cell  phone  replaced. 

Contender  6:  The  The  Motion  Picture  Association 
of  America  (MPAA)  and  the  Recording  Industry 
Association  of  America  (RIAA).The  MPAA  has 
recently  gone  down  the  same  litigious  path  that  the 
RIAA  took.  Get  a  grip  guys. You  need  a  different  busi¬ 
ness  model  more  than  you  need  a  fleet  of  lawyers. 

Contender  7:  Microsoft.  Bugs,  patches,  security 
problems,  being  a  bad  market  playmate,  and  spread¬ 


ing  fear,  uncertainty  and  doubt  just  to  gain  market 
advantage.  And  lying  about  TCO  compared  with 
Linux.  And  lying  about  the  need  to  have  Windows 
Media  Player  bound  into  the  operating  system.  Did  I 
leave  anything  out? 

Contender  8:  Sun.  For  cozying  up  to  Microsoft  after 
years  of  vehement  accusations  and  court  battles. 
Amazing  what  a  couple  of  billion  dollars  can  buy 

Contender  9:  Voting  machine  manufacturers.  As  if 
politics  weren’t  in  enough  of  a  mess,  we  now  have 
buggy  systems  that  will  determine  the  outcome  of 
elections.  But  Michelle  Shafer,  spokesbot  for  Hart 
InterCivic,  says  “It’s  not  a  machine  issue.  It’s  voters  not 
properly  following  the  instructions.” 

Contender  10:  Every  printer  manufacturer  that  uses 
non-refillable  cartridges.  It  makes  no  sense  that  we 
have  to  pay  inflated  prices  for  something  as  basic  as 
ink.  Of  course  the  manufacturers  don’t  see  it  that 
way:  HP’s  Pradeep  Jotwani  said“there’s  an  enormous 
amount  of  technology  in  these  things.”  He  failed  to 
clarify  that  he’s  talking  about  marketing  technology 

And  this  year’s  winner  is  . .  .well, you  decide. Send 
me  your  votes  and  other  nominations,  and  we’ll 
apply  our  Generalized  Unified  Election  Summing 
System  to  find  the  Top  Turkey 

Tips  on  how  to  cook  the  bird  to  backspin@gibbs. 
com.  Bon  appetit. 
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By  Paul  McNamara 

Worth  a  stamp  of  approval 

Stamps.com  CEO  Ken  McBride  sees 
every  reason  to  believe  that  his  com¬ 
pany's  “personalized  postage"  program  can  take  a  licking  and  keep  on  sticking. 

What  he  needs  is  for  the  U.S.  Postal  Service  to  view  things  the  same  way,  which 
might  require  officials  there  to  don  corrective  lenses  to  see  beyond  a  particularly 
embarrassing  public  relations  episode. 

Either  way,  things  could  be  worse:  Eight  years  after  company  founders  began 
pondering  the  problems  inherent  in  providing  U.S.  postage  securely  over  the 
Internet,  Stamps.com  recently  posted  its  first  quarterly  profit  —  3  cents  per 
share.  While  McBride  told  Wall  Street  that  the  milestone  would  have  been 
reached  with  or  without  the  much-publicized,  wildly  popular  and  at  least  tem¬ 
porarily  suspended  PhotoStamps  program,  there  can  be  no  mistaking  what’s  at 
stake  for  his  company  as  postal  officials  ponder  the  future  of  those  stamps. 

Consider  these  numbers  from  the  seven-and-a-half-week  PhotoStamps  trial: 

More  than  400  news  stories  and  260  broadcast  reports  —  priceless  marketing 
for  a  small  public  company  —  chronicled  the  near-overnight  success  of  Photo¬ 
Stamps,  which  was  embraced  by  all  manner  of  consumers  looking  to  put  pictures 
of  their  choosing  on  their  postage. 

About  2.6  million  PhotoStamps  were  sold:  130,000  sheets  of  20  stamps  apiece. 

Thirty  thousand  of  those  sheets  were  ordered  in  the  final  24  hours  of  the  experi¬ 
ment  as  buyers  scrambled  to  get  their  stamps  after  the  program’s  impending 
suspension  was  publicized. 

The  Postal  Service  reaped  more  than  $1  million  in  revenue. 

But  then  there  was  that  smoking  gun  —  www.thesmokinggun.com.  Best  known 
for  posting  mug  shots  and  court  documents  of  the  famous  and  infamous,  the  site 
scored  a  direct  hit  on  PhotoStamps  by  publicizing  its  success  in  ordering 
PhotoStamps  that  depicted  the  likes  of  accused  Yugoslavian  war  criminal 


Slobodan  Milosevic,  executed  spies  Julius  and  Ethel  Rosenberg,  and  the  high 
school  yearbook  photo  of  UnabomberTed  Kaczynski. 

Not  exactly  the  images  one  has  come  to  associate  with  postage.  PhotoStamps 
was  supposed  to  introduce  a  smattering  of  wedding  photos  and  baby  pictures  in 
among  the  historical  figures  and  cultural  icons.  A  rogues’  gallery  was  not  sup¬ 
posed  to  be  part  of  the  bargain. 

“We  actually  filtered  through  83,000  images  in  seven  and  a  half  weeks,  so  nine 
[inappropriate  images]  out  of  83,000  is  the  number  that  were  misclassified  and 
that's  99.99%  accuracy,  which  we  think  is  very,  very  good  accuracy  for  a  human¬ 
being-based  process.” 

That’s  right,  human-based.  All  that  stood  between  the  pranksters  at  The 
Smoking  Gun  and  that  phalanx  of  philatelic  felons  was  a  trio  of  Stamps.com 
employees  whose  job  it  was  to  weed  out  inappropriate  orders. 

“Some  of  the  more  obscure  infamous  images  were  a  little  bit  tougher  to  catch," 
McBride  says. 

Example:  Monica  Lewinsky's  blue  dress  got  through,  too.  However,  McBride 
notes  that  the  low-tech  security  breach  occurred  early  on  in  the  trial  run  and  was 
not  repeated,  giving  him  —  and  he  hopes  the  Postal  Service  —  confidence  that  a 
recurrence  is  unlikely. 

The  Postal  Service  is  expected  to  decide  by  year-end  whether  PhotoStamps 
will  get  a  second  chance. 

“We  view  it  as  there  being  two  potential  outcomes  of  this  process:  One  is 
there's  another  market  test  for  some  period  of  time,  which  would  probably  be  a 
year  or  maybe  even  longer  than  that.The  other  would  be  that  there  is  no 
PhotoStamps,"  McBride  says.  "We  just  think  it’s  probably  too  big  of  a  step  to  go 
from  a  very  short  market  test  that  we  have  done  already  to  permanent  approval.” 

The  Postal  Service  really  ought  to  green-light  this  one:  After  all,  the  stamp 
world  hasn't  seen  this  kind  of  excitement  since  Skinny  Elvis  vs.  Fat  Elvis. 

No  postage  necessary  here.  The  address  is  buzz@nww.com. 


MEANS  MORE  POWER 


ProCurve  Networking  by  HP  offers  a  range  of  affordable 
gigabit-enabled  switches  that  is  second  to  none.  That 
means  you  can  get  better  performance  from  your  network 
along  with  better  performance  from  your  networking 
dollars.  Downloads  that  used  to  take  minutes  can  now  be 
done  in  seconds.  And  you  can  do  it  for  cents.  Not  dollars. 
That’s  high-availability  gigabit  performance  at  the  edge — 
not  just  the  core  of  your  network.  What’s  more, 
ProCurve  gigabit-enabled  switches  are  backed  by 
a  lifetime  warranty* — perhaps  the  best  in  the  industry. 
More  affordability.  More  choice.  More  productivity. 


HP  ProCurve  SWITCHES: 
>800,  3400,  4100  AND 
1300  SERIES 

•Open  standards  enabling 
interoperability  and  ease 
of  integration 

•Flexibility  of  stackable 
or  chassis  configuration 

•Lifetime  warranty* 

•Low  cost  of  ownership 
Legendary  service  and  support 
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:  the  power  of  gigabit  for  less. 

>m/procurvepromo  for  our  latest  gigabit  promotions. 


ProCurve  Networking 


HP  innovation 


CLICK  www.hp.tradeups.com/procurvepromo  CONTACT  your  local  HP  reseller 


Lifetime  warranty  applies  to  all  ProCurve  Products,  excluding  the  ProCurve  routing  switch  9300m  Series  and  Secure  Access  700wl  Series,  which  have  a  one-year  warranty  with  extensions  available.  ©2004  Hewlett-Packard  Development  Company,  L.P 
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Building  a  Roadmap 

,  cc  MAGAZINE  AWARDS 

q  2  tickets  to  SO 


Date:  February  14,  2005 
San  Francisco 

Visit  ca.com/etrust/workshop 

for  information  and  to  register  to  win. 


It  takes  an  integrated  security  solution  to  make  sure  the 
right  people  have  the  right  access  at  the  right  time. 

eTrust*  Identity  and  Access  Management  Solutions 

These  days,  a  vital  aspect  of  security  management  is  providing  customized 
levels  of  access  for  countless  employees  and  partners  while  also  protecting 
your  customers  from  identity  theft.  That's  one  complicated  job-and  one  that 
can  be  made  much  easier  with  CA's  eTrust  Identity  and  Access  Management 
(1AM)  Solutions.  They  enhance  security  and  reduce  costs  by  automating 
processes  and  enabling  self-administration,  in  addition  to  providing  policy-based 
cross-platform  protection  for  web,  mainframe,  and  application  resources 
enterprise  wide.  To  find  out  how  CA's  1AM  solutions  can  improve  your  business, 
attend  one  of  our  workshops,  ca.com/etrust/workshop 
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